This is a snapshot of Indico's old Trac site. Any information contained herein is most probably outdated. Access our new GitHub site here.

Context Navigation

← Previous Ticket
Next Ticket →

Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#510 closed defect (fixed)

Do not pass infoMsg and errorMsg as url parameter

Reported by:	lsyroka	Owned by:	lsyroka
Priority:	normal	Milestone:	v0.97.0
Component:	General	Version:	0.97.0
Keywords:		Cc:

Description

Passing those arguments as a parameter may compromise security.

Change History (3)

comment:1 Changed 5 years ago by lsyroka

Status changed from new to in_merge

comment:2 Changed 5 years ago by Leszek Syroka <leszek.marek.syroka@…>

Resolution set to fixed
Status changed from in_merge to closed

In [0951a821de1f0ce1612da200292d835cf8c7502a]:

[FIX] Do not pass infoMsg/errorMsg in url

those variable are no longer passed in url
inheritance in some request handlers was changed
fix#510

comment:3 Changed 5 years ago by Leszek Syroka <leszek.marek.syroka@…>

In [0951a821de1f0ce1612da200292d835cf8c7502a]:

[FIX] Do not pass infoMsg/errorMsg in url

those variable are no longer passed in url
inheritance in some request handlers was changed
fix#510

Note: See TracTickets for help on using tickets.

Download in other formats: