Re: [pgadmin-hackers] security bug (with patch-fix) -- need moreHTML-escaping for working with tree-nodes

Поиск
Список
Период
Сортировка
От Dave Page
Тема Re: [pgadmin-hackers] security bug (with patch-fix) -- need moreHTML-escaping for working with tree-nodes
Дата
Msg-id CA+OCxoxHMMzgFCQ8hmMx9AtoYcRpVO2KJqLKJNWMf9=KYEJ7qw@mail.gmail.com
обсуждение исходный текст
Ответ на Re: [pgadmin-hackers] security bug (with patch-fix) -- need moreHTML-escaping for working with tree-nodes  (Ashesh Vashi <ashesh.vashi@enterprisedb.com>)
Ответы Re: [pgadmin-hackers] security bug (with patch-fix) -- need moreHTML-escaping for working with tree-nodes  (Ashesh Vashi <ashesh.vashi@enterprisedb.com>)
Список pgadmin-hackers
Дерево обсуждения


On Wed, May 10, 2017 at 8:56 AM, Ashesh Vashi <ashesh.vashi@enterprisedb.com> wrote:
Thanks.
Committed!

I agree with the change from a preventative/safety perspective, though I'm struggling to classify it as a security issue, given that collections are always named by the code and not from user input. 

Am I missing something?

--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

В списке pgadmin-hackers по дате отправления:

Предыдущее
От: Ashesh Vashi
Дата:
Сообщение: Re: [pgadmin-hackers] security bug (with patch-fix) -- need moreHTML-escaping for working with tree-nodes
Следующее
От: Ashesh Vashi
Дата:
Сообщение: Re: [pgadmin-hackers] security bug (with patch-fix) -- need moreHTML-escaping for working with tree-nodes