Ticket #2702 (new defect)

Opened 5 years ago

Last modified 3 years ago

path is leaking some sensitive infos

Reported by: anonymous Assigned to: cboos
Priority: normal Component: DoxygenPlugin
Severity: normal Keywords:
Cc: Trac Release: 0.10

Description (Last modified by rjollos)

Hi,

I'm not sure what's the ?paht=/full/path/diclosure/bla.html good for.

In my opinion it's disclosing potentialy sensitive informations.

Cheers, /thorkill

--- simple fix

  • 0.10/doxygentrac/doxygentrac.py

    old new  
    237237                              href=formatter.href.doxygen()) 
    238238            else: 
    239239                return html.a(label, title=params, 
    240                               href=formatter.href.doxygen(link, path=path)) 
     240                              href=formatter.href.doxygen(link)) 
    241241        yield ('doxygen', doxygen_link) 
    242242 
    243243    def get_wiki_syntax(self): 

Attachments

Change History

12/20/09 07:03:49 changed by anonymous

Any plans to merge this in SVN?

09/21/10 21:00:06 changed by rjollos

  • description changed.

Add/Change #2702 (path is leaking some sensitive infos)




Change Properties
Action