[Pki-devel] [PATCH] 30 Escape parameter values in search filter.

Endi Sukma Dewata edewata at redhat.com
Wed Mar 14 19:48:06 UTC 2012

Previous message (by thread): [Pki-devel] [PATCH] 30 Escape parameter values in search filter.
Next message (by thread): [Pki-devel] patches for review - ECC key archival / recovery feature implementation - Bug 745278 - [RFE] ECC encryption keys cannot be archived
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 3/14/2012 1:09 PM, Endi Sukma Dewata wrote:
> The REST interface was vulnerable to injection attack. This has
> been fixed by escaping the special characters in parameter values
> before using them in the search filter.
>
> Ticket #96

ACKed by Ade. I added some clarification in the code. Pushed to master.

-- 
Endi S. Dewata

Previous message (by thread): [Pki-devel] [PATCH] 30 Escape parameter values in search filter.
Next message (by thread): [Pki-devel] patches for review - ECC key archival / recovery feature implementation - Bug 745278 - [RFE] ECC encryption keys cannot be archived
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Pki-devel mailing list