projects
/
ikiwiki.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
2f241a3
)
prevent users from registering with name that is not a valid wikifile
author
joey
<joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>
Tue, 25 Apr 2006 05:53:22 +0000
(
05:53
+0000)
committer
joey
<joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>
Tue, 25 Apr 2006 05:53:22 +0000
(
05:53
+0000)
avoids XSS attacks and is generally a good limitation
IkiWiki/CGI.pm
patch
|
blob
|
history
diff --git
a/IkiWiki/CGI.pm
b/IkiWiki/CGI.pm
index 36d0e60082896e81fb8a16908edc208f74362869..067886c70d49c1eed93865b8f867584a73a06605 100644
(file)
--- a/
IkiWiki/CGI.pm
+++ b/
IkiWiki/CGI.pm
@@
-118,6
+118,7
@@
sub cgi_signin ($$) { #{{{
validate => sub {
my $name=shift;
length $name &&
+ $name=~/$wiki_file_regexp/ &&
! userinfo_get($name, "regdate");
},
);