Changeset 3838


Timestamp: 07/08/2009 09:42:05 PM
Author: mosipov
Message:

REOPENED - #3902: Unsanitized request parameters may cause the request loop endlessly

File:
1 edited

  • FCKeditor.Java/branches/2.4.x/java-core/src/main/java/net/fckeditor/tool/UtilsFile.java

    r3836 r3838  
    113113                return false; 
    114114         
    115         if (!path.equals(path.replaceAll("\\.|\\||:|\\?|\\*|\"|<|>|\\p{Cntrl}", "_"))) 
     115        // previous statement handles dot and (back) slash already 
     116        if (!path.equals(path.replaceAll("\\||:|\\?|\\*|\"|<|>|\\p{Cntrl}", "_"))) 
    116117                return false; 
    117118         
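Review bot: At new line 116, dropping \\. from the pattern leaves this check relying entirely on the earlier statement to reject dots, and that statement is not part of this hunk, so the new comment is the only evidence that it does. Suggest the comment name the exact check it depends on (or merge the two into one validation), and add a test asserting that paths containing a dot, a slash or a backslash are still rejected, so a later edit to the earlier statement cannot silently relax this one. Separately, !path.equals(path.replaceAll(..., "_")) builds a new string only to detect a match; a precompiled Pattern with matcher(path).find() would state the intent directly.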