Ignore:
Timestamp:
2014-03-13T14:34:48+13:00 (10 years ago)
Author:
ak19
Message:

First security commit. 1. Introducing the new securitools.h and .cpp files, which port the functions necessary to implement security in Greenstone from OWASP-ESAPI for Java, since OWASP's C++ version is largely not yet implemented, even though their code compiles. The newly added runtime-src/packages/security which contains OWASP ESAPI for C++ will therefore be removed again shortly. 2. receptionist.cpp now sets various web-encoded variants for each cgiarg macro, such as HTML entity encoded, attr encoded, javascript encoded (and css encoded variants). These are now used in the macro files based on which variant is suited to the context. 3. This commit further contains the minimum changes to protect the c, d, and p cgi variables.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • main/trunk/greenstone2/macros/urdu2.dm

    r24852 r28888  
    351351_textpassword_ [l=ur] {خفیہ کوڈ}
    352352
    353 _textmustbelongtogroup_ [l=ur] {یاد رکڟیے کہ آٟ کو اس صفحہ تک رسا؊ی کے لیے"_cgiargug_" گروٟ کا Ù
     353_textmustbelongtogroup_ [l=ur] {یاد رکڟیے کہ آٟ کو اس صفحہ تک رسا؊ی کے لیے"_cgiargugHtmlsafe_" گروٟ کا Ù
    354354Ù
    355355ؚر ہونا لازÙ
     
    705705_textdelinv_ [l=ur] {Ù
    706706جÙ
    707 ÙˆØ¹Û _cgiargbc1dirname_ Ù
     707وعہ _cgiargbc1dirnameHtmlsafe_ Ù
    708708حفو؞ ؎دہ حالت Ù
    709709یں ہے۔ اس لیے ڈیلیٹ نہیں کیا جا سکتا}
     
    711711_textdelsuc_ [l=ur] {Ù
    712712جÙ
    713 ÙˆØ¹Û _cgiargbc1dirname_ کاÙ
     713وعہ _cgiargbc1dirnameHtmlsafe_ کاÙ
    714714یاؚی سے ڈیلیٹ ہو گیا ہے}
    715715
     
    938938
    939939_textdeleteuser_ [l=ur] {صارف کو ڈیلیٹ کریں}
    940 _textremwarn_ [l=ur] {کیا آٟ حقیقتا <b>_cgiargumun_</b>? کو Ù
     940_textremwarn_ [l=ur] {کیا آٟ حقیقتا <b>_cgiargumunHtmlsafe_</b>? کو Ù
    941941Ú©Ù
    942942ل طور ٟر ختÙ
Note: See TracChangeset for help on using the changeset viewer.