Bug #2722
Fixing security problems when downloading documents
Status:
Feature implemented
Priority:
Urgent
Assignee:
Category:
-
Target version:
Start date:
02/02/2011
Due date:
% Done:
100%
Estimated time:
Complexity:
Challenging
SCRUM pts - complexity:
?
Associated revisions
Adding trailing slash see #2722
Adding check_abs_path when using the DocumentManager::file_send_for_download to prevent downloading unwanted files see #2722
add css cropper in app.css - refs refs #2722
History
Updated by Julio Montoya almost 10 years ago
I found more problems when using the DocumentManager::file_send_for_download see
Updated by Julio Montoya almost 10 years ago
- % Done changed from 50 to 70
There is also a problem with exercice/Hpdownload.php and work/download.php that is already fixed with the previous commit
Updated by Julio Montoya almost 10 years ago
- Status changed from Needs more info to Feature implemented
- % Done changed from 70 to 100
Fixing security issue when downloading a document see #2722, adding check_abs + making more restrict the Document::is_visible function