[SHINDIG-1349] Consider validating shindig.container.util.getParamValue paramName argument. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: Javascript
Labels:
None

Description

As a minor security precaution, we should consider validating the paramName argument passed into shindig.container.util.getParamValue to prevent regex's being passed in that might overbroadly match context.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: John Hjelmstad

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 03/Jun/10 02:23

Updated:: 03/Jun/10 02:23