You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@shindig.apache.org by "Paul Lindner (JIRA)" <ji...@apache.org> on 2010/07/28 09:15:18 UTC
[jira] Resolved: (SHINDIG-966) token over-decoding
[ https://issues.apache.org/jira/browse/SHINDIG-966?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Paul Lindner resolved SHINDIG-966.
----------------------------------
Fix Version/s: 2.0.0-RC1
Resolution: Fixed
thanks for the patch!
> token over-decoding
> -------------------
>
> Key: SHINDIG-966
> URL: https://issues.apache.org/jira/browse/SHINDIG-966
> Project: Shindig
> Issue Type: Bug
> Components: PHP
> Affects Versions: 1.1-BETA1
> Reporter: Dmitry Vorobyev
> Assignee: Chris Chabot
> Fix For: 2.0.0-RC1
>
>
> ### Eclipse Workspace Patch 1.0
> #P gadget
> Index: http://svn.apache.org/repos/asf/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
> ===================================================================
> --- http://svn.apache.org/repos/asf/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php (revision 20842)
> +++ http://svn.apache.org/repos/asf/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php (working copy)
> @@ -292,9 +292,6 @@
> if (! isset($token) || $token == '') {
> $token = isset($_POST['st']) ? $_POST['st'] : '';
> }
> - if (count(explode(':', $token)) != 6) {
> - $token = urldecode(base64_decode($token));
> - }
> if (empty($token)) {
> throw new Exception("Missing or invalid security token");
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.