[Rabbit-dev] cross-site-scripting vulnerabiltiy
robo at khelekore.org
robo at khelekore.org
Sat Feb 27 10:09:51 CET 2010
Hello!
> Couple quick questions:
> 1) is there a public (readonly) source repository for this or is it just
> available as individual tar.gz downloads
Currently there is none, but I can probably set up a git-mirror of
my working tree. It will take some days though, since I am currently
traveling.
> 2) src/rabbit/proxy/StandardResponseHeaders:148 needs to escape/encode the
> url.
You are probably correct in that and it ought to be easy to fix.
That code actually comes from the rabbit/2.x if I remember correctly.
I will take a look at it later.
/robo
More information about the Rabbit-dev
mailing list