#544: Potentially unsafe global request data is accessible in
Action::initialize() and View::initialize() and others
---------------------+------------------------------------------------------
Reporter: david | Owner: david
Type: defect | Status: new
Priority: high | Milestone: 0.11
Component: _OTHER_ | Version: 0.11.0RC5
Severity: major | Keywords:
---------------------+------------------------------------------------------
Not sure if we regard this as a bug or not.
My suggestion is to lock the request for both, and also during other calls
like {{{isSecure()}}} and {{{getCredentials()}}}.
The reason why I think this needs fixing is that if we encourage people to
change the output type in a view's initialize method based on request
data, then there shouldn't be a way to access potentially insecure request
data there.
I don't think there is a use case for accessing the request data in
{{{Action::initialize()}}}, and most people probably did the right thing
and used the container's request data in {{{View::initialize()}}} anyway,
so there shouldn't be much BC breakage (we could label this a security fix
and just forget about it, or make this "hardened" mode configurable).
Opinions please?
--
Ticket URL: <http://trac.agavi.org/ticket/544>
Agavi <http://www.agavi.org/>
An MVC Framework for PHP5
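
The locking proposed in this ticket, sketched as an added example that is not part of the ticket or of Agavi's code base. The names LockableRequest, whileLocked, ContainerDataView and GlobalDataView are hypothetical, the input is constructed, and the code assumes PHP 8.

```php
<?php
declare(strict_types=1);
// Hypothetical model of a lockable request; not Agavi's API.
final class LockableRequest {
    private bool $locked = false;
    public function __construct(private array $rawData) {}

    /** Run $fn with global request data inaccessible, then restore the previous state. */
    public function whileLocked(callable $fn): mixed {
        $previous = $this->locked;
        $this->locked = true;
        try {
            return $fn();
        } finally {
            $this->locked = $previous;
        }
    }

    public function getRequestData(): array {
        if ($this->locked) {
            throw new LogicException('global request data is locked here');
        }
        return $this->rawData;
    }
}
// View that selects its output type from the validated, container-scoped data.
final class ContainerDataView {
    public string $outputType = 'html';
    public function initialize(LockableRequest $rq, array $containerData): void {
        if (($containerData['format'] ?? null) === 'json') {
            $this->outputType = 'json';
        }
    }
}
// View that reaches for the unvalidated global data instead.
final class GlobalDataView {
    public string $outputType = 'html';
    public function initialize(LockableRequest $rq, array $containerData): void {
        $this->outputType = (string) ($rq->getRequestData()['format'] ?? 'html');
    }
}
// Constructed sample input: raw parameters vs. what validation let through.
$rq = new LockableRequest(['format' => 'json', 'debug' => '1']);
$validated = ['format' => 'json'];
foreach ([new ContainerDataView(), new GlobalDataView()] as $view) {
    try {
        $rq->whileLocked(fn() => $view->initialize($rq, $validated));
        echo get_class($view), ': output type ', $view->outputType, PHP_EOL;
    } catch (LogicException $e) {
        echo get_class($view), ': rejected (', $e->getMessage(), ')', PHP_EOL;
    }
}
```

Restoring the previous lock state in the finally block keeps nested calls from unlocking the request early and ensures an exception inside initialize() cannot leave the lock in the wrong state.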