[
https://issues.apache.org/jira/browse/CB-1494?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13458757#comment-13458757
]
Patrick Mueller commented on CB-1494:
-------------------------------------
re: matcher; what if the XFF has multiple comma-separated addresses, with no
spaces between them?
re: XSS - I understand. Are there existing XSS holes? There may be, and we
should look, and generalize a sanitizing story with a new bug, if we do in fact
find something. But I'd also be happy if we could at least ensure that the
resulting XFF header value that we calculate doesn't have any XSS
possibilities, as we certainly haven't made the situation any worse. And in
this case, I think we can.
> Supports running server behind a proxy, such as Heroku Cedar
> ------------------------------------------------------------
>
> Key: CB-1494
> URL: https://issues.apache.org/jira/browse/CB-1494
> Project: Apache Cordova
> Issue Type: New Feature
> Components: weinre
> Reporter: Patrick Mueller
> Assignee: Patrick Mueller
>
> created for https://github.com/apache/incubator-cordova-weinre/pull/10
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
