Menu
▾
▴
[Gmod-gbrowse-cmts] Generic-Genome-Browser/cgi-bin gbrowse.PLS,1.15,1.16
|
From: <sco...@us...> - 2003-08-20 18:52:36
|
Update of /cvsroot/gmod/Generic-Genome-Browser/cgi-bin
In directory sc8-pr-cvs1:/tmp/cvs-serv25140
Modified Files:
gbrowse.PLS
Log Message:
disallow '../../../../../' etc attack; is this sufficent?
Index: gbrowse.PLS
===================================================================
RCS file: /cvsroot/gmod/Generic-Genome-Browser/cgi-bin/gbrowse.PLS,v
retrieving revision 1.15
retrieving revision 1.16
diff -C2 -d -r1.15 -r1.16
*** gbrowse.PLS 12 Aug 2003 22:31:16 -0000 1.15
--- gbrowse.PLS 20 Aug 2003 18:34:35 -0000 1.16
***************
*** 1986,1989 ****
--- 1986,1990 ----
else {
+ return if (${help_type} =~ /^\.\./); #don't allow ../../../../ etc attack
build_help_page("$conf_dir/${help_type}_help.html");
}
|