diff options
| author | Micael Karlberg <[email protected]> | 2011-11-09 18:22:49 +0100 |
|---|---|---|
| committer | Micael Karlberg <[email protected]> | 2011-11-09 18:22:49 +0100 |
| commit | a7b67af7d2db9a442bd28952cca3fc61e5f0f227 (patch) | |
| tree | 93c878e712e9309469e8f1c2de80548e21f1143b /lib/inets/src/inets_app | |
| parent | f561a98a9b89738467b52ab5213562de753f6ad2 (diff) | |
| parent | 53b434e40047fc4e085f57412b4e2227faddf23b (diff) | |
| download | otp-a7b67af7d2db9a442bd28952cca3fc61e5f0f227.tar.gz otp-a7b67af7d2db9a442bd28952cca3fc61e5f0f227.tar.bz2 otp-a7b67af7d2db9a442bd28952cca3fc61e5f0f227.zip | |
[httpd] XSS prevention did not work for hex-encoded URL's.
OTP-9655
Merge branch 'bmk/inets/httpd/xss_when_erl_encoded/r14/OTP-9655' into bmk/inets/inets572_integration
Diffstat (limited to 'lib/inets/src/inets_app')
| -rw-r--r-- | lib/inets/src/inets_app/inets.appup.src | 72 |
1 files changed, 51 insertions, 21 deletions
diff --git a/lib/inets/src/inets_app/inets.appup.src b/lib/inets/src/inets_app/inets.appup.src index d5fdf86a60..ede0c10bef 100644 --- a/lib/inets/src/inets_app/inets.appup.src +++ b/lib/inets/src/inets_app/inets.appup.src @@ -18,23 +18,38 @@ {"%VSN%", [ + {"5.7.1", + [ + {load_module, http_uri, soft_purge, soft_purge, []}, + {load_module, http_util, soft_purge, soft_purge, []}, + {load_module, httpd_util, soft_purge, soft_purge, [http_util]}, + {load_module, httpd_file, soft_purge, soft_purge, []}, + {load_module, httpd_request, soft_purge, soft_purge, []} + ] + }, {"5.7", [ - {load_module, httpd_request, soft_purge, soft_purge, []}, - {load_module, httpc_cookie, soft_purge, soft_purge, [http_util]}, - {load_module, http_util, soft_purge, soft_purge, []} + {load_module, http_uri, soft_purge, soft_purge, []}, + {load_module, httpd_util, soft_purge, soft_purge, [http_util]}, + {load_module, httpd_file, soft_purge, soft_purge, []} + {load_module, httpd_request, soft_purge, soft_purge, []}, + {load_module, httpc_cookie, soft_purge, soft_purge, [http_util]}, + {load_module, http_util, soft_purge, soft_purge, []} ] }, {"5.6", [ - {load_module, httpd_request, soft_purge, soft_purge, []}, - {load_module, httpc, soft_purge, soft_purge, [httpc_manager]}, - {load_module, http_transport, soft_purge, soft_purge, [http_transport]}, - {load_module, httpc_cookie, soft_purge, soft_purge, [http_util]}, - {load_module, http_util, soft_purge, soft_purge, []}, - {update, httpc_handler, soft, soft_purge, soft_purge, []}, - {update, httpc_manager, soft, soft_purge, soft_purge, [httpc_handler]}, - {update, ftp, soft, soft_purge, soft_purge, []} + {load_module, http_uri, soft_purge, soft_purge, []}, + {load_module, httpd_util, soft_purge, soft_purge, [http_util]}, + {load_module, httpd_file, soft_purge, soft_purge, []} + {load_module, httpd_request, soft_purge, soft_purge, []}, + {load_module, httpc, soft_purge, soft_purge, [httpc_manager]}, + {load_module, http_transport, soft_purge, soft_purge, [http_transport]}, + {load_module, httpc_cookie, soft_purge, soft_purge, [http_util]}, + {load_module, http_util, soft_purge, soft_purge, []}, + {update, httpc_handler, soft, soft_purge, soft_purge, []}, + {update, httpc_manager, soft, soft_purge, soft_purge, [httpc_handler]}, + {update, ftp, soft, soft_purge, soft_purge, []} ] }, {"5.5.2", @@ -59,22 +74,37 @@ } ], [ + {"5.7.1", + [ + {load_module, http_uri, soft_purge, soft_purge, []}, + {load_module, http_util, soft_purge, soft_purge, []}, + {load_module, httpd_util, soft_purge, soft_purge, [http_util]}, + {load_module, httpd_file, soft_purge, soft_purge, []}, + {load_module, httpd_request, soft_purge, soft_purge, []}, + ] + }, {"5.7", [ - {load_module, httpd_request, soft_purge, soft_purge, []}, - {load_module, httpc_cookie, soft_purge, soft_purge, [http_util]}, - {load_module, http_util, soft_purge, soft_purge, []} + {load_module, http_uri, soft_purge, soft_purge, []}, + {load_module, httpd_util, soft_purge, soft_purge, [http_util]}, + {load_module, httpd_file, soft_purge, soft_purge, []} + {load_module, httpd_request, soft_purge, soft_purge, []}, + {load_module, httpc_cookie, soft_purge, soft_purge, [http_util]}, + {load_module, http_util, soft_purge, soft_purge, []} ] }, {"5.6", [ - {load_module, httpd_request, soft_purge, soft_purge, []}, - {load_module, httpc, soft_purge, soft_purge, [httpc_manager]}, - {load_module, http_transport, soft_purge, soft_purge, [http_transport]}, - {load_module, httpc_cookie, soft_purge, soft_purge, [http_util]}, - {load_module, http_util, soft_purge, soft_purge, []}, - {update, httpc_handler, soft, soft_purge, soft_purge, []}, - {update, httpc_manager, soft, soft_purge, soft_purge, [httpc_handler]}, + {load_module, http_uri, soft_purge, soft_purge, []}, + {load_module, httpd_util, soft_purge, soft_purge, [http_util]}, + {load_module, httpd_file, soft_purge, soft_purge, []} + {load_module, httpd_request, soft_purge, soft_purge, []}, + {load_module, httpc, soft_purge, soft_purge, [httpc_manager]}, + {load_module, http_transport, soft_purge, soft_purge, [http_transport]}, + {load_module, httpc_cookie, soft_purge, soft_purge, [http_util]}, + {load_module, http_util, soft_purge, soft_purge, []}, + {update, httpc_handler, soft, soft_purge, soft_purge, []}, + {update, httpc_manager, soft, soft_purge, soft_purge, [httpc_handler]}, {update, ftp, soft, soft_purge, soft_purge, []} ] }, |