[dokuwiki] Re: Restricting actions

  • From: Chris Smith <chris@xxxxxxxxxxxxx>
  • To: dokuwiki@xxxxxxxxxxxxx
  • Date: Mon, 03 Jul 2006 13:40:07 +0100

Andi,

Is there another patch to come?

In my brief look through, I didnt' see any checking in or before actions.php. That could mean a spoofed request for a disabled command would perform the processing associated with that command - even if no html was generated.

Cheers,

Chris
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist

Other related posts: