[Fedora-directory-commits] dsgw/tests/dnedit testget.1, NONE, 1.1 testget.2, NONE, 1.1 testget.3, NONE, 1.1

Richard Allen Megginson (rmeggins) fedora-directory-commits at redhat.com
Tue Feb 19 15:20:26 UTC 2008

Author: rmeggins

Update of /cvs/dirsec/dsgw/tests/dnedit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23811/dsgw/tests/dnedit

Added Files:
	testget.1 testget.2 testget.3 
Log Message:
1) The old code used a CGI variable called completion_javascript - this variable contained arbitrary javascript code that was eval'd on in the client browser.  I have removed this code and put it in the resource file.  The dsgw code will set completion_javascript to one of the 3 keywords, and the new function emit_completion_javascript will look up the code in the resource file and output it with any required arguments.  It just seems like a really bad idea to execute arbitrary blobs of javascript passed in a CGI argument.

2) Make the checking for the template file names stricter.

3) Added many new tests.

4) When removing unused or duplicate LDAP Mods, if we remove the last one, just free the entire array.

--- NEW FILE testget.1 ---

--- NEW FILE testget.2 ---

--- NEW FILE testget.3 ---
dn=uid=scarter,ou=people,dc=example,dc=com&template=template&attr='</SCRIPT>You've just been p0wned&desc=desc

More information about the Fedora-directory-commits mailing list