Task #1472

Need to clean "slashes" usage.

Added by remi over 5 years ago. Updated almost 2 years ago.

Status:FeedbackStart date:08/14/2009
Priority:NormalDue date:
Assignee:moyo% Done:

0%

Category:Framework
Target version:Candidate for next major version

Description

Problem example : rules engine

Actually

input => slashes protected
output => not protected

Should be consistent.


Related issues

Related to GLPI-PROJECT - Task #2038: Create Sql Requests Framework Feedback 02/16/2010
Related to GLPI-PROJECT - Task #2272: Work on input / output filtering Feedback 09/07/2010

History

#1 Updated by moyo over 5 years ago

  • post / get values : slashes protected.
  • From DB : not slashes protected.

Need to have the save behaviour.

Idea : all datas are [not] slashes protected.

  • slash protected :
    • more secure but need to filter all display due to slashes
    • problem with may have problem on regex (need to stripslashes before)
Proposition : not slashes protected
  • addslashes on DB insert, update or select
  • clean slashes getting datas from DB
  • do clean_cross_side_scripting on post/get for security

#2 Updated by moyo over 5 years ago

  • Subject changed from RulesEngine : need to clean "slashes" usage. to Need to clean "slashes" usage.

#3 Updated by moyo over 5 years ago

  • Assignee set to moyo

#4 Updated by moyo over 5 years ago

  • Category changed from Rules Engines to Framework

#5 Updated by moyo about 5 years ago

  • Target version changed from 0.78 to 33

#6 Updated by moyo over 4 years ago

  • Tracker changed from Bug to Task

#7 Updated by moyo over 4 years ago

  • Target version changed from 33 to 0.85

#8 Updated by moyo almost 2 years ago

  • Status changed from New to Feedback
  • Target version changed from 0.85 to Candidate for next major version

Also available in: Atom PDF