[TYPO3-team-templavoila] FYI: #13180: Sanitize returnUrl
Steffen Kamper
info at sk-typo3.de
Fri Jan 8 12:41:53 CET 2010
Hi,
FYI: the patch was committed to svn, 1_4 rev 28536 and trunk rev 28537
Bugtracker references:
http://bugs.typo3.org/view.php?id=13180
Branches:
trunk, 1_4
To be sure that the returnUrl is local and contains no XSS attack, this
patch sanitize the returnUrl.
Therefore a new static class is included, as the check has to be
differentiated for 4.1/4.2/4.3.
vg Steffen
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 13180.diff
URL: <http://lists.typo3.org/pipermail/typo3-team-templavoila/attachments/20100108/daced051/attachment.txt>
More information about the TYPO3-team-templavoila
mailing list