SiT! Bugs

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0001601SiT!securitypublic2011-06-15 17:392011-09-04 20:45
Reporterivan 
Assigned Toivan 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version 
Target Version3.65 LTSFixed in Version3.65 LTS 
Summary0001601: Errors should strip path from in-page output
DescriptionWhen we report errors we often output full paths, this can give away information about the server architecture and it a potential minor security issue. We should strip paths when outputting errors unless debug mode is switched on. especially on non-authenticated pages.
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
User avatar (0004275)
ivan (administrator)
2011-08-31 15:27

Fixed in SVN r7333
User avatar (0004276)
ivan (administrator)
2011-08-31 15:27

Also fixed in Git 1efe858

Paths are displayed when debug mode is on.
User avatar (0004293)
ivan (administrator)
2011-09-04 20:45

Fix released in v3.65

- Issue History
Date Modified Username Field Change
2011-06-15 17:39 ivan New Issue
2011-06-15 17:39 ivan Status new => assigned
2011-06-15 17:39 ivan Assigned To => ivan
2011-08-31 15:27 ivan Note Added: 0004275
2011-08-31 15:27 ivan Status assigned => resolved
2011-08-31 15:27 ivan Fixed in Version => Current SVN
2011-08-31 15:27 ivan Resolution open => fixed
2011-08-31 15:27 ivan Note Added: 0004276
2011-08-31 15:28 ivan Target Version => 3.65 LTS
2011-09-04 17:37 ivan Fixed in Version Current SVN => 3.65 LTS
2011-09-04 20:45 ivan Note Added: 0004293
2011-09-04 20:45 ivan Status resolved => closed


Copyright © 2000 - 2019 MantisBT Team
Powered by Mantis Bugtracker