aboutsummaryrefslogtreecommitdiffstats
path: root/lib/inets/doc/src
diff options
context:
space:
mode:
authorErlang/OTP <[email protected]>2011-09-15 09:54:39 +0200
committerErlang/OTP <[email protected]>2011-09-15 09:54:39 +0200
commit801ec3847e330b7d67b1e4ae700211380da0d6bd (patch)
tree8861e1e85f352d828cf31f0690feaae63c0088bd /lib/inets/doc/src
parent50261525973798faf7f62ea02356447b16e5fc56 (diff)
parent98fd9df4c4a04554fd2f707ca9ea2d674fad984d (diff)
downloadotp-801ec3847e330b7d67b1e4ae700211380da0d6bd.tar.gz
otp-801ec3847e330b7d67b1e4ae700211380da0d6bd.tar.bz2
otp-801ec3847e330b7d67b1e4ae700211380da0d6bd.zip
Merge branch 'bmk/inets/httpd/cross_site_scripting_attacks/OTP-9535' into maint-r13
* bmk/inets/httpd/cross_site_scripting_attacks/OTP-9535: Updated http-server to make sure URLs in error-messages are URL-encoded. Added support in http-client to use URL-encoding. Also added the missing include directory for the inets application.
Diffstat (limited to 'lib/inets/doc/src')
-rw-r--r--lib/inets/doc/src/http_client.xml6
-rw-r--r--lib/inets/doc/src/httpd.xml4
-rw-r--r--lib/inets/doc/src/notes.xml31
3 files changed, 34 insertions, 7 deletions
diff --git a/lib/inets/doc/src/http_client.xml b/lib/inets/doc/src/http_client.xml
index ea8053cafa..49327ca80f 100644
--- a/lib/inets/doc/src/http_client.xml
+++ b/lib/inets/doc/src/http_client.xml
@@ -1,10 +1,10 @@
-<?xml version="1.0" encoding="latin1" ?>
+<?xml version="1.0" encoding="iso-8859-1" ?>
<!DOCTYPE chapter SYSTEM "chapter.dtd">
<chapter>
<header>
<copyright>
- <year>2004</year><year>2010</year>
+ <year>2004</year><year>2011</year>
<holder>Ericsson AB. All Rights Reserved.</holder>
</copyright>
<legalnotice>
@@ -57,7 +57,7 @@
[{inets, [{services, [{httpc, PropertyList}]}]}]
</pre>
<p>For valid properties see
- <seealso marker="http">httpc(3)</seealso>. </p>
+ <seealso marker="httpc">httpc(3)</seealso>. </p>
</section>
<section>
diff --git a/lib/inets/doc/src/httpd.xml b/lib/inets/doc/src/httpd.xml
index 7dabeb33e9..f061488ac3 100644
--- a/lib/inets/doc/src/httpd.xml
+++ b/lib/inets/doc/src/httpd.xml
@@ -1,10 +1,10 @@
-<?xml version="1.0" encoding="latin1" ?>
+<?xml version="1.0" encoding="iso-8859-1" ?>
<!DOCTYPE erlref SYSTEM "erlref.dtd">
<erlref>
<header>
<copyright>
- <year>1997</year><year>2010</year>
+ <year>1997</year><year>2011</year>
<holder>Ericsson AB. All Rights Reserved.</holder>
</copyright>
<legalnotice>
diff --git a/lib/inets/doc/src/notes.xml b/lib/inets/doc/src/notes.xml
index 9ab35ff38b..ffbe4bd58f 100644
--- a/lib/inets/doc/src/notes.xml
+++ b/lib/inets/doc/src/notes.xml
@@ -1,10 +1,10 @@
-<?xml version="1.0" encoding="latin1" ?>
+<?xml version="1.0" encoding="iso-8859-1" ?>
<!DOCTYPE chapter SYSTEM "chapter.dtd">
<chapter>
<header>
<copyright>
- <year>2002</year><year>2010</year>
+ <year>2002</year><year>2011</year>
<holder>Ericsson AB. All Rights Reserved.</holder>
</copyright>
<legalnotice>
@@ -32,6 +32,33 @@
<file>notes.xml</file>
</header>
+ <section><title>Inets 5.3.5</title>
+
+ <section><title>Fixed Bugs and Malfunctions</title>
+ <list>
+ <item>
+ <p>Updated http-server to make sure URLs in error-messages
+ are URL-encoded. Added support in http-client to use
+ URL-encoding. Also added the missing include directory
+ for the inets application.</p>
+ <p>Own Id: OTP-8940</p>
+ <p>Aux Id: seq11735</p>
+ </item>
+
+ <item>
+ <p>[httpd] Prevent XSS in error pages.
+ Prevent user controlled input from being interpreted
+ as HTML in error pages by encoding the reserved HTML
+ characters. </p>
+ <p>Michael Santos</p>
+ <p>Own Id: OTP-9124</p>
+ </item>
+ </list>
+ </section>
+
+ </section> <!-- 5.3.5 -->
+
+
<section><title>Inets 5.3.4</title>
<section><title>Improvements and New Features</title>