Context Navigation

receptionist.cpp

Timestamp:

2014-03-18T16:45:46+13:00 (10 years ago)

Author:

ak19

Message:

Commit 5 for security. Handles setmacro() occurrences in non action.cpp files. cl is safe from hacks now.

File:

-              r28899
+              r28912
   text_t compressedoptions = get_compressed_arg(args, logout);
   disp.setmacro ("compressedoptions", displayclass::defaultpackage, dm_safe(compressedoptions));
+  //disp.setmacro ("compressedoptionsUrlsafe", displayclass::defaultpackage, encodeForURL(dm_safe(compressedoptions))); // seems to be unnecessary after testing e=hack or e=hack<collect>... or e=...<collect>hack in a live server
   // need a decoded version of compressedoptions for use within forms
   // as browsers encode values from forms before sending to server
 …
       if (!cinfo.httpdomain.empty()) httpcollection = "http://";
       httpcollection += cinfo.httpdomain + httpprefix + "/collect/"
     + collection;
+    + encodeForURL(collection);
       disp.setmacro ("httpcollection", displayclass::defaultpackage,
              httpcollection);

Note: See TracChangeset for help on using the changeset viewer.