View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 1653 | Composr | General / Uncategorised | public | 2014-06-14 18:08 | 2014-06-14 18:08 |
| Reporter | Chris Graham | Assigned To | Chris Graham | ||
| Priority | high | Severity | minor | ||
| Status | resolved | Resolution | fixed | ||
| Product Version | 9.0.13 | ||||
| Summary | 1653: Filenames with two dots in a page directory, false hack-attempt detections | ||||
| Description | If a page file has two dots in the name, e.g. example.old.txt, then Composr detects this as invalid input and produces a hack-attempt error. Detecting them as invalid is correct as such named files can be malicious for a number of reasons, but the correct solution is for Composr to not detect such pages in the first place as they are probably just manual backup files or filesystem metadata files that were accidentally uploaded. | ||||
| Tags | No tags attached. | ||||
| Attach Tags | |||||
| Attached Files | |||||
| Time estimation (hours) | |||||
| Sponsorship open | |||||
|
|
Fixed in git commit efce8cb (https://github.com/chrisgraham/Composr/commit/efce8cb - link will become active once code pushed) A hotfix (a TAR of files to upload) have been uploaded to this issue. These files are made to the latest intra-version state (i.e. may roll in earlier fixes too if made to the same files) - so only upload files newer than what you have already. Always take backups of files you are replacing or keep a copy of the manual installer for your version, and only apply fixes you need. These hotfixes are not necessarily reliable or well supported. Not sure how to extract TAR files to your Windows computer? Try 7-zip (http://www.7-zip.org/). |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2023-02-26 18:29 | Chris Graham | Category | General => General / Uncategorised |
