aboutsummaryrefslogtreecommitdiffstats
path: root/lib/inets/doc/src/notes.xml
diff options
context:
space:
mode:
authorMicael Karlberg <[email protected]>2011-09-15 09:43:48 +0200
committerMicael Karlberg <[email protected]>2011-09-15 09:43:48 +0200
commit98fd9df4c4a04554fd2f707ca9ea2d674fad984d (patch)
tree8861e1e85f352d828cf31f0690feaae63c0088bd /lib/inets/doc/src/notes.xml
parent50261525973798faf7f62ea02356447b16e5fc56 (diff)
downloadotp-98fd9df4c4a04554fd2f707ca9ea2d674fad984d.tar.gz
otp-98fd9df4c4a04554fd2f707ca9ea2d674fad984d.tar.bz2
otp-98fd9df4c4a04554fd2f707ca9ea2d674fad984d.zip
Updated http-server to make sure URLs in error-messages
are URL-encoded. Added support in http-client to use URL-encoding. Also added the missing include directory for the inets application. OTP-8940 [httpd] Prevent XSS in error pages. Prevent user controlled input from being interpreted as HTML in error pages by encoding the reserved HTML characters. Michael Santos OTP-9124
Diffstat (limited to 'lib/inets/doc/src/notes.xml')
-rw-r--r--lib/inets/doc/src/notes.xml31
1 files changed, 29 insertions, 2 deletions
diff --git a/lib/inets/doc/src/notes.xml b/lib/inets/doc/src/notes.xml
index 9ab35ff38b..ffbe4bd58f 100644
--- a/lib/inets/doc/src/notes.xml
+++ b/lib/inets/doc/src/notes.xml
@@ -1,10 +1,10 @@
-<?xml version="1.0" encoding="latin1" ?>
+<?xml version="1.0" encoding="iso-8859-1" ?>
<!DOCTYPE chapter SYSTEM "chapter.dtd">
<chapter>
<header>
<copyright>
- <year>2002</year><year>2010</year>
+ <year>2002</year><year>2011</year>
<holder>Ericsson AB. All Rights Reserved.</holder>
</copyright>
<legalnotice>
@@ -32,6 +32,33 @@
<file>notes.xml</file>
</header>
+ <section><title>Inets 5.3.5</title>
+
+ <section><title>Fixed Bugs and Malfunctions</title>
+ <list>
+ <item>
+ <p>Updated http-server to make sure URLs in error-messages
+ are URL-encoded. Added support in http-client to use
+ URL-encoding. Also added the missing include directory
+ for the inets application.</p>
+ <p>Own Id: OTP-8940</p>
+ <p>Aux Id: seq11735</p>
+ </item>
+
+ <item>
+ <p>[httpd] Prevent XSS in error pages.
+ Prevent user controlled input from being interpreted
+ as HTML in error pages by encoding the reserved HTML
+ characters. </p>
+ <p>Michael Santos</p>
+ <p>Own Id: OTP-9124</p>
+ </item>
+ </list>
+ </section>
+
+ </section> <!-- 5.3.5 -->
+
+
<section><title>Inets 5.3.4</title>
<section><title>Improvements and New Features</title>