mirror of
https://gitlab.archlinux.org/archlinux/aurweb.git
synced 2025-02-03 10:43:03 +01:00
209b0b6eda
The callback parameter of the RPC interface currently allows for specifying a prefix of arbitrary length of the returned result. This can be exploited by certain attacks. As a countermeasure, this patch restricts the allowed character set for the callback name to letters, digits, underscores, parenthesis and dots. It also limits the length of the name to 128 characters. Furthermore, the reflected callback name is now always prepended with "/**/", which is a common workaround to protect against attacks such as Rosetta Flash. Fixes FS#46259. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org> |
||
|---|---|---|
| .. | ||
| acctfuncs.inc.php | ||
| aur.inc.php | ||
| aurjson.class.php | ||
| cachefuncs.inc.php | ||
| confparser.inc.php | ||
| credentials.inc.php | ||
| DB.class.php | ||
| feedcreator.class.php | ||
| gettext.php | ||
| pkgbasefuncs.inc.php | ||
| pkgfuncs.inc.php | ||
| pkgreqfuncs.inc.php | ||
| routing.inc.php | ||
| stats.inc.php | ||
| streams.php | ||
| translator.inc.php | ||
| version.inc.php | ||