incubator-callback-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Patrick Mueller (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CB-1494) Supports running server behind a proxy, such as Heroku Cedar
Date Wed, 19 Sep 2012 15:39:07 GMT

    [ https://issues.apache.org/jira/browse/CB-1494?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13458757#comment-13458757
] 

Patrick Mueller commented on CB-1494:
-------------------------------------

re: matcher; what if the XFF has multiple comma-separated addresses, with no spaces between
them?

re: XSS - I understand.  Are there existing XSS holes?  There may be, and we should look,
and generalize a sanitizing story with a new bug, if we do in fact find something.  But I'd
also be happy if we could at least ensure that the resulting XFF header value that we calculate
doesn't have any XSS possibilities, as we certainly haven't made the situation any worse.
 And in this case, I think we can.
                
> Supports running server behind a proxy, such as Heroku Cedar
> ------------------------------------------------------------
>
>                 Key: CB-1494
>                 URL: https://issues.apache.org/jira/browse/CB-1494
>             Project: Apache Cordova
>          Issue Type: New Feature
>          Components: weinre
>            Reporter: Patrick Mueller
>            Assignee: Patrick Mueller
>
> created for https://github.com/apache/incubator-cordova-weinre/pull/10

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message