Ticket #2702 (new defect)

Opened 5 months ago

Last modified 5 months ago

path is leaking some sensitive infos

Reported by: anonymous Assigned to: cboos
Priority: normal Component: DoxygenPlugin
Severity: normal Keywords:
Cc: Trac Release: 0.10

Description

Hi,

I'm not sure what's the ?paht=/full/path/diclosure/bla.html good for.

In my opinion it's disclosing potentialy sensitive informations.

Cheers, /thorkill

--- simple fix Index: 0.10/doxygentrac/doxygentrac.py =================================================================== --- 0.10/doxygentrac/doxygentrac.py (revision 3322) +++ 0.10/doxygentrac/doxygentrac.py (working copy) @@ -237,7 +237,7 @@

href=formatter.href.doxygen())

else:

return html.a(label, title=params,

- href=formatter.href.doxygen(link, path=path)) + href=formatter.href.doxygen(link))

yield ('doxygen', doxygen_link)

def get_wiki_syntax(self):

Attachments

Change History

03/07/08 08:48:51 changed by anonymous

patch once again - forgot about formating 

Index: 0.10/doxygentrac/doxygentrac.py
===================================================================
--- 0.10/doxygentrac/doxygentrac.py	(revision 3322)
+++ 0.10/doxygentrac/doxygentrac.py	(working copy)
@@ -237,7 +237,7 @@
                               href=formatter.href.doxygen())
             else:
                 return html.a(label, title=params,
-                              href=formatter.href.doxygen(link, path=path))
+                              href=formatter.href.doxygen(link))
         yield ('doxygen', doxygen_link)
 
     def get_wiki_syntax(self):

Add/Change #2702 (path is leaking some sensitive infos)




Change Properties
Action