granicus.if.org Git - php/commit

]> granicus.if.org Git - php/commit

author	Stefan Esser <sesser@php.net>
	Sat, 16 Jun 2007 07:47:46 +0000 (07:47 +0000)
committer	Stefan Esser <sesser@php.net>
	Sat, 16 Jun 2007 07:47:46 +0000 (07:47 +0000)
commit	fde56bd8589e010b41fc0f0ed8d234d9767589ef
tree	19e68ab68436b95fddaf37d3fbb982b08573897e	tree \| snapshot
parent	618f8916e677d000122b776dc009a12a92398394	commit \| diff

Fix attribute injection security bug correctly by URL encoding session
name and session value. (in future maybe encode path/domain, too)

Remove backward compatibility breaking blacklist of characters.

ext/session/session.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom