| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Do only follow HTTP and HTTPS redirects | Lukas Reschke | 2014-09-22 | 1 | -0/+177 |
| We do not want to follow redirects to other protocols since they might allow an adversary to bypass network restrictions. (i.e. a redirect to ftp:// might be used to access files of a FTP server which might be in a secure zone and not be reachable from the net but from the ownCloud server) Get final redirect manually using get_headers() Migrate to HTTPHelper class and add unit tests | |||||
 |
index : nextcloud-server.git | |
| Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server | www-data |
| summaryrefslogtreecommitdiffstats |