You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shindig.apache.org by "Martin Webb (JIRA)" <ji...@apache.org> on 2008/01/09 14:30:34 UTC

[jira] Created: (SHINDIG-5) Missing /xn direcory for PHP implementation

Missing /xn direcory for PHP implementation
-------------------------------------------

                 Key: SHINDIG-5
                 URL: https://issues.apache.org/jira/browse/SHINDIG-5
             Project: Shindig
          Issue Type: Bug
            Reporter: Martin Webb


On line 376 of ./php/container.php there is a reference to an /xn directory:

	$request = do_curl_request("http://" . $_SERVER['HTTP_HOST'] . "/xn/rest/1.0/profile:" . $screenName . "/contact(relationship='friend'&onNing='true')?begin=0&end=25&xn_auth=no");

Missing reference implementation.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (SHINDIG-5) Missing /xn direcory for PHP implementation

Posted by "Paul Lindner (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/SHINDIG-5?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Paul Lindner updated SHINDIG-5:
-------------------------------

    Component/s: Gadgets Server - PHP

> Missing /xn direcory for PHP implementation
> -------------------------------------------
>
>                 Key: SHINDIG-5
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-5
>             Project: Shindig
>          Issue Type: Bug
>          Components: Gadgets Server - PHP
>            Reporter: Martin Webb
>
> On line 376 of ./php/container.php there is a reference to an /xn directory:
> 	$request = do_curl_request("http://" . $_SERVER['HTTP_HOST'] . "/xn/rest/1.0/profile:" . $screenName . "/contact(relationship='friend'&onNing='true')?begin=0&end=25&xn_auth=no");
> Missing reference implementation.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Resolved: (SHINDIG-5) Missing /xn direcory for PHP implementation

Posted by "Paul Lindner (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/SHINDIG-5?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Paul Lindner resolved SHINDIG-5.
--------------------------------

    Resolution: Invalid

No longer valid due to a new PHP implementation committed in SHINDIG-103


> Missing /xn direcory for PHP implementation
> -------------------------------------------
>
>                 Key: SHINDIG-5
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-5
>             Project: Shindig
>          Issue Type: Bug
>          Components: Gadgets Server - PHP
>            Reporter: Martin Webb
>
> On line 376 of ./php/container.php there is a reference to an /xn directory:
> 	$request = do_curl_request("http://" . $_SERVER['HTTP_HOST'] . "/xn/rest/1.0/profile:" . $screenName . "/contact(relationship='friend'&onNing='true')?begin=0&end=25&xn_auth=no");
> Missing reference implementation.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (SHINDIG-5) Missing /xn direcory for PHP implementation

Posted by "Kevin Brown (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/SHINDIG-5?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12557398#action_12557398 ] 

Kevin Brown commented on SHINDIG-5:
-----------------------------------

$_SERVER['HTTP_HOST'] is also exploitable because HTTP_HOST actually comes from the HTTP Host header, which is sent by the client. It's probably not a big deal in this particular case, but it's something to watch out for.

> Missing /xn direcory for PHP implementation
> -------------------------------------------
>
>                 Key: SHINDIG-5
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-5
>             Project: Shindig
>          Issue Type: Bug
>            Reporter: Martin Webb
>
> On line 376 of ./php/container.php there is a reference to an /xn directory:
> 	$request = do_curl_request("http://" . $_SERVER['HTTP_HOST'] . "/xn/rest/1.0/profile:" . $screenName . "/contact(relationship='friend'&onNing='true')?begin=0&end=25&xn_auth=no");
> Missing reference implementation.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (SHINDIG-5) Missing /xn direcory for PHP implementation

Posted by "Brian McCallister (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/SHINDIG-5?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12557378#action_12557378 ] 

Brian McCallister commented on SHINDIG-5:
-----------------------------------------

That would be a reference to Ning I missed. DOH!

> Missing /xn direcory for PHP implementation
> -------------------------------------------
>
>                 Key: SHINDIG-5
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-5
>             Project: Shindig
>          Issue Type: Bug
>            Reporter: Martin Webb
>
> On line 376 of ./php/container.php there is a reference to an /xn directory:
> 	$request = do_curl_request("http://" . $_SERVER['HTTP_HOST'] . "/xn/rest/1.0/profile:" . $screenName . "/contact(relationship='friend'&onNing='true')?begin=0&end=25&xn_auth=no");
> Missing reference implementation.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.