Ticket #1247 (closed defect: fixed)

Opened 11 months ago

Last modified 7 months ago

JSON escape security bug in TK5

Reported by: Joonas Lehtinen Owned by: Marc Englund
Priority: undefined Milestone: User Interface Library 5.2.0 RC
Component: gwt-adapter-server Version: 5.0.0-pre
Keywords: Cc:
Known Issue description:
Hours estimate: Deadline (dd.mm.yyyy):
Known Issue version (since): Known Issue title:
Hours done: Depends to:
Affects documentation: no
Known Issue workaround:
Affects release notes: yes Contract:

Description

We should use for(;;); instead of // for JSON (to avoid overriding error-handling code in some "old browsers")
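As an added illustration of the prefix described in this ticket (example code written for this page, not the toolkit's own implementation), the server prepends the guard string to every JSON response and the legitimate client strips it before parsing. Served as a script, the guarded body never yields data because the prefix loops forever; the real client, which fetched the text and controls parsing, simply removes it. The function names are assumptions.

```javascript
// Guard prefix proposed in the ticket: a statement that never terminates
// if the response body is ever evaluated as a script.
const JSON_GUARD = "for(;;);";

// Server side: serialize the value and prepend the guard.
function guardJson(value) {
  return JSON_GUARD + JSON.stringify(value);
}

// Client side: refuse bodies that lack the guard (a sign the response did
// not come through the expected channel), then parse the remainder.
function parseGuardedJson(body) {
  if (typeof body !== "string" || !body.startsWith(JSON_GUARD)) {
    throw new Error("response is missing the JSON guard prefix");
  }
  return JSON.parse(body.slice(JSON_GUARD.length));
}

// Constructed sample: what the client would see on the wire.
const sampleBody = guardJson({ user: "alice", roles: ["viewer"] });
// sampleBody === 'for(;;);{"user":"alice","roles":["viewer"]}'
```

The check in parseGuardedJson is deliberate: if a response arrives without the prefix, the client should treat it as malformed rather than fall back to parsing raw JSON, so the guard cannot be silently bypassed by a misconfigured endpoint.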

Change History

Changed 10 months ago by Joonas Lehtinen

  • milestone changed from User Interface Library 5.0.2 to User Interface Library 5.1.0 RC

Milestone User Interface Library 5.0.2 deleted

Changed 10 months ago by Marc Englund

Suggestion: implement "double cookie submission pattern" - AFAIK currently regarded as the safest solution.

Changed 10 months ago by Marc Englund

NOTE: "double cookie submission pattern" might require us to expose a request helper to JS, so that custom JS calls are not hard to do (this might be a good idea anyway). This is not necessarily a must, depending on how uri-handling (and parameter-handling) is implemented (requiring cookie or not).

Changed 9 months ago by Joonas Lehtinen

  • priority changed from minor to undefined

Changed 9 months ago by Marc Englund

Also check #1207 (marked as duplicate)

Changed 9 months ago by Marc Englund

  • owner changed from Joonas Lehtinen to Marc Englund
  • status changed from new to assigned

Changed 9 months ago by Marc Englund

  • status changed from assigned to closed
  • resolution set to fixed

Fixed in [3993]

Changed 7 months ago by Joonas Lehtinen

  • milestone changed from User Interface Library 5.1.2 to User Interface Library 5.2.0

Milestone User Interface Library 5.1.2 deleted
