8000 fix: prevent using backslash in file names by fzipi · Pull Request #3799 · coreruleset/coreruleset · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

fix: prevent using backslash in file names #3799

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Aug 25, 2024
Merged

fix: prevent using backslash in file names #3799

merged 7 commits into from
Aug 25, 2024

Conversation

fzipi
Copy link
Member
@fzipi fzipi commented Aug 20, 2024
edited
Loading

Prevents using backslash in file names.

Fixes 3MU-240701-2 for v4.

Thanks to @luelueking for reporting this.

@fzipi fzipi requested review from airween and theseion August 20, 2024 12:08
@fzipi
fix: prevent using backslash in file names
e2f184d 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
@fzipi fzipi force-pushed the fix/3MU-240701-2 branch from d730628 to e2f184d Compare August 20, 2024 12:09
theseion
theseion requested changes Aug 21, 2024
View reviewed changes
@fzipi fzipi force-pushed the fix/3MU-240701-2 branch from cec00a6 to 1d4ffd0 Compare August 21, 2024 13:37
@fzipi
fix: test FILES also
6b87b01 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
@fzipi fzipi force-pushed the fix/3MU-240701-2 branch from 1d4ffd0 to 6b87b01 Compare August 21, 2024 13:43
theseion
theseion requested changes Aug 22, 2024
View reviewed changes
@fzipi @theseion
Update tests/regression/tests/REQUEST-920-PROTOCOL-ENFORCEMENT/920120…
2363033 
….yaml

Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
@fzipi fzipi force-pushed the fix/3MU-240701-2 branch from 001a347 to 2363033 Compare August 22, 2024 16:10
theseion
theseion requested changes Aug 23, 2024
View reviewed changes
fzipi and others added 2 commits August 23, 2024 09:43
@fzipi @theseion
Apply suggestions from code review
dbc17c6 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
@fzipi
fix: tests
3e75d8c 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
@fzipi fzipi requested a review from theseion August 23, 2024 19:30
theseion
theseion requested changes Aug 24, 2024
View reviewed changes
Copy link
Contributor
@theseion theseion left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please put back the test for FILES_NAMES. The only issue in that test was the boundary definition. Delete the leading -- from the boundary definition in the Content-Type header and the test will work.

@fzipi fzipi mentioned this pull request Aug 24, 2024
Merged
@fzipi fzipi requested a review from theseion August 25, 2024 16:43
@fzipi fzipi added this pull request to the merge queue Aug 25, 2024
Merged via the queue into main with commit 9cd81e1 Aug 25, 2024
6 checks passed
@fzipi fzipi deleted the fix/3MU-240701-2 branch August 25, 2024 20:49
@fzipi fzipi mentioned this pull request Sep 2, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@theseion theseion theseion ap 5692 proved these changes

@airween airween Awaiting requested review from airween

Assignees
No one assigned
Labels
release:important
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fzipi @theseion
0