]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/commit
comments: Fix XSS security hole due to missing validation of page name.
authorJoey Hess <joey@kitenet.net>
Sat, 22 Jan 2011 14:15:33 +0000 (10:15 -0400)
committerJoey Hess <joey@kitenet.net>
Sat, 22 Jan 2011 14:15:33 +0000 (10:15 -0400)
commitdcfeaaad5b6ac478251e37be777de40da4d0909c
treea0868ee12139cb9e2a53fee94a9fef0de90ad01c
parent5d3998555ffbeb1c20b84dd4cdc46c825c07bec8
comments: Fix XSS security hole due to missing validation of page name.

Values have to be checked against wiki_file_regexp, not just file_pruned.
Audited the rest of the code base for similar problems, found none.
IkiWiki/Plugin/comments.pm
debian/changelog