[
http://opencast.jira.com/browse/MH-3643?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=29996#comment-29996
]
Greg Logan commented on MH-3643:
--------------------------------
Per
http://opencast.3480289.n2.nabble.com/JIRA-Ticket-Cleanup-proposal-td7475080.html,
this has been bulk resolved as won't fix. If this is still important to you
please reopen and we can triage as appropriate.
> UrlSupport.concat() should ensure safe URLs
> -------------------------------------------
>
> Key: MH-3643
> URL: http://opencast.jira.com/browse/MH-3643
> Project: Matterhorn Project
> Issue Type: Task
> Components: Architecture & Services
> Affects Versions: None
> Reporter: Josh Holtzman
> Fix For: None
>
>
> Since this utility is responsible for creating URLs from string arrays, it
> should also take on the responsibility of ensuring that these URLs are safe
> (e.g. do not include scripts).
> This way, clients can construct URLs from aritrary (untrusted) strings (e.g.
> incoming form input or URLs)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
http://opencast.jira.com/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
Matterhorn mailing list
[email protected]
http://lists.opencastproject.org/mailman/listinfo/matterhorn
To unsubscribe please email
[email protected]
_______________________________________________
