You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by "Martin Webb (JIRA)" <ji...@apache.org> on 2008/01/09 14:30:34 UTC
[jira] Created: (SHINDIG-5) Missing /xn direcory for PHP
implementation
Missing /xn direcory for PHP implementation
-------------------------------------------
Key: SHINDIG-5
URL: https://issues.apache.org/jira/browse/SHINDIG-5
Project: Shindig
Issue Type: Bug
Reporter: Martin Webb
On line 376 of ./php/container.php there is a reference to an /xn directory:
$request = do_curl_request("http://" . $_SERVER['HTTP_HOST'] . "/xn/rest/1.0/profile:" . $screenName . "/contact(relationship='friend'&onNing='true')?begin=0&end=25&xn_auth=no");
Missing reference implementation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SHINDIG-5) Missing /xn direcory for PHP
implementation
Posted by "Paul Lindner (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-5?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Paul Lindner updated SHINDIG-5:
-------------------------------
Component/s: Gadgets Server - PHP
> Missing /xn direcory for PHP implementation
> -------------------------------------------
>
> Key: SHINDIG-5
> URL: https://issues.apache.org/jira/browse/SHINDIG-5
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - PHP
> Reporter: Martin Webb
>
> On line 376 of ./php/container.php there is a reference to an /xn directory:
> $request = do_curl_request("http://" . $_SERVER['HTTP_HOST'] . "/xn/rest/1.0/profile:" . $screenName . "/contact(relationship='friend'&onNing='true')?begin=0&end=25&xn_auth=no");
> Missing reference implementation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (SHINDIG-5) Missing /xn direcory for PHP
implementation
Posted by "Paul Lindner (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-5?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Paul Lindner resolved SHINDIG-5.
--------------------------------
Resolution: Invalid
No longer valid due to a new PHP implementation committed in SHINDIG-103
> Missing /xn direcory for PHP implementation
> -------------------------------------------
>
> Key: SHINDIG-5
> URL: https://issues.apache.org/jira/browse/SHINDIG-5
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - PHP
> Reporter: Martin Webb
>
> On line 376 of ./php/container.php there is a reference to an /xn directory:
> $request = do_curl_request("http://" . $_SERVER['HTTP_HOST'] . "/xn/rest/1.0/profile:" . $screenName . "/contact(relationship='friend'&onNing='true')?begin=0&end=25&xn_auth=no");
> Missing reference implementation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-5) Missing /xn direcory for PHP
implementation
Posted by "Kevin Brown (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-5?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12557398#action_12557398 ]
Kevin Brown commented on SHINDIG-5:
-----------------------------------
$_SERVER['HTTP_HOST'] is also exploitable because HTTP_HOST actually comes from the HTTP Host header, which is sent by the client. It's probably not a big deal in this particular case, but it's something to watch out for.
> Missing /xn direcory for PHP implementation
> -------------------------------------------
>
> Key: SHINDIG-5
> URL: https://issues.apache.org/jira/browse/SHINDIG-5
> Project: Shindig
> Issue Type: Bug
> Reporter: Martin Webb
>
> On line 376 of ./php/container.php there is a reference to an /xn directory:
> $request = do_curl_request("http://" . $_SERVER['HTTP_HOST'] . "/xn/rest/1.0/profile:" . $screenName . "/contact(relationship='friend'&onNing='true')?begin=0&end=25&xn_auth=no");
> Missing reference implementation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-5) Missing /xn direcory for PHP
implementation
Posted by "Brian McCallister (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-5?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12557378#action_12557378 ]
Brian McCallister commented on SHINDIG-5:
-----------------------------------------
That would be a reference to Ning I missed. DOH!
> Missing /xn direcory for PHP implementation
> -------------------------------------------
>
> Key: SHINDIG-5
> URL: https://issues.apache.org/jira/browse/SHINDIG-5
> Project: Shindig
> Issue Type: Bug
> Reporter: Martin Webb
>
> On line 376 of ./php/container.php there is a reference to an /xn directory:
> $request = do_curl_request("http://" . $_SERVER['HTTP_HOST'] . "/xn/rest/1.0/profile:" . $screenName . "/contact(relationship='friend'&onNing='true')?begin=0&end=25&xn_auth=no");
> Missing reference implementation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.