Shindig
  1. Shindig
  2. SHINDIG-1349

Consider validating shindig.container.util.getParamValue paramName argument.

    Details

    • Type: Improvement Improvement
    • Status: Open
    • Priority: Minor Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Javascript
    • Labels:
      None

      Description

      As a minor security precaution, we should consider validating the paramName argument passed into shindig.container.util.getParamValue to prevent regex's being passed in that might overbroadly match context.

        Activity

        John Hjelmstad created issue -
        Gavin made changes -
        Field Original Value New Value
        Workflow jira [ 12512405 ] patch-available, re-open possible [ 12629640 ]

          People

          • Assignee:
            Unassigned
            Reporter:
            John Hjelmstad
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:

              Development