mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-05-02 14:28:30 +02:00
Code Issues Projects Releases Wiki Activity
82,596 Commits 37 Branches 536 Tags
Commit Graph

5 Commits

Author SHA1 Message Date
Damyon Wiese
af9a7937cc MDL-48980 Security: Always clean the result from min_get_slash_argument 
The result from this function is used in send_file calls and if unclean
(windows dir separators, or .. path components) it could expose sensitive
files (e.g. .php files). Now we always clean the result from this function
even if it means double cleaning.

I also fixed the unit test for this function and added a new test for this cleaning.

I also updated the comments to point to get_file_argument as the full version of
min_get_slash_argument.
 2015-01-28 14:38:29 +08:00
Dan Poltawski
7cefa10220 MDL-40676 tests: fix null byte test. 2013-09-02 13:58:53 +08:00
Petr Škoda
66871ac4cb MDL-39915 cleanup core_configonlylib_testcase 2013-07-27 13:14:41 +02:00
Petr Skoda
03f0cd1039 MDL-33007 fix incorrect min_fix_utf8() tests 
Credit goest to Eloy Lafuente.
 2012-06-04 10:45:44 +02:00
Petr Skoda
3681e78429 MDL-33007 add buggy iconv workaround to configonlylib, add tests and fix minor issues 2012-06-01 12:23:09 +02:00