[Pki-devel] [PATCH] 30 Escape parameter values in search filter.
Endi Sukma Dewata
edewata at redhat.com
Wed Mar 14 19:48:06 UTC 2012
On 3/14/2012 1:09 PM, Endi Sukma Dewata wrote:
> The REST interface was vulnerable to injection attack. This has
> been fixed by escaping the special characters in parameter values
> before using them in the search filter.
>
> Ticket #96
ACKed by Ade. I added some clarification in the code. Pushed to master.
--
Endi S. Dewata
More information about the Pki-devel
mailing list