Derrell Lipman wrote: > On Mon, Oct 19, 2009 at 11:27, exedor <gene...@itpsg.com > <mailto:gene...@itpsg.com>> wrote: > > I've changed that so it should work. Regardless, it isn't even > making it to > that check in index.php because like I said later on, the method > check is > done first and because the qooxdoo code I pasted above is sending > OPTIONS > instead of GET or POST, index.php is returning an error. > > See my other message on that topic. We don't ever send OPTIONS in any > qooxdoo code, so I have no idea where that's coming from. > > > >and insist that it's safe in your circumstances, you can enable > it. Are you > >using RpcPhp 1.0.1 or trunk? > > Looks like 1.0.1 google says that has code injection > vulnerabilities so it > looks like I will have to go to trunk anyway. > > > If 1.0.1 has code injection vulnerabilities, then so does trunk I > believe. I've never heard of any code injection vulnerabilities in > this code. If you know of any, I'd appreciate hearing about them. > I took a closer look and all the vulnerability reports look like they are directed at: XML-RPC for PHP XML-RPC for PHP 1.0 1
Which is a different project altogether. ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ qooxdoo-devel mailing list qooxdoo-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/qooxdoo-devel
