]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/commit
projects / git.ikiwiki.info.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5d39985) | patch
comments: Fix XSS security hole due to missing validation of page name.
authorJoey Hess <joey@kitenet.net>
Sat, 22 Jan 2011 14:15:33 +0000 (10:15 -0400)
committerJoey Hess <joey@kitenet.net>
Sat, 22 Jan 2011 14:15:33 +0000 (10:15 -0400)
commitdcfeaaad5b6ac478251e37be777de40da4d0909c
treea0868ee12139cb9e2a53fee94a9fef0de90ad01ctree | snapshot
parent5d3998555ffbeb1c20b84dd4cdc46c825c07bec8commit | diff
comments: Fix XSS security hole due to missing validation of page name.

Values have to be checked against wiki_file_regexp, not just file_pruned.
Audited the rest of the code base for similar problems, found none.
IkiWiki/Plugin/comments.pm diff | blob | history
debian/changelog diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.