IVLE

User CGIs shouldn't able to crash IVLE by faking exception headers

Bug #531122 reported by William Grant on 2010-03-03

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	IVLE	Fix Released	Medium	William Grant	IVLE 1.0.1 "notthefirsttime"

Bug Description

User CGIs can fake IVLE exceptions or cause IVLE to really crash by adding fake X-IVLE-Error-* headers. We should disable detection of those in 'gentle' mode, which is used to make user CGI errors nice.

Related branches

lp:ivle

Revision history for this message

William Grant (wgrant) wrote on 2010-03-03:

Fixed in trunk r1780.

Changed in ivle:
status:	In Progress → Fix Committed

Revision history for this message

David Coles (dcoles) wrote on 2010-03-22:

Released in 1.0.1.

Changed in ivle:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.