View Issue Details

IDProjectCategoryView StatusLast Update
0006940Talerexchangepublic2021-08-24 16:22
ReporterFlorian Dold Assigned ToChristian Grothoff  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Versiongit (master) 
Target Version0.8Fixed in Version0.8 
Summary0006940: implement more validation logic for payto URIs
DescriptionWe want to make sure they are a well-formed URI. In particular, there may not be characters like "\n" or "<", ">", which might cause downstream problems with XSS.
TagsNo tags attached.

Activities

Christian Grothoff

2021-08-02 19:44

manager   ~0018053

Extended payto validation logic is now in TALER_payto_validate(), which is also used consistently (AFAIK) across the code.

Issue History

Date Modified Username Field Change
2021-07-23 13:19 Florian Dold New Issue
2021-07-23 13:19 Florian Dold Status new => assigned
2021-07-23 13:19 Florian Dold Assigned To => Christian Grothoff
2021-07-23 14:22 Christian Grothoff Assigned To Christian Grothoff =>
2021-07-23 14:22 Christian Grothoff Status assigned => confirmed
2021-08-01 15:02 Christian Grothoff Assigned To => Christian Grothoff
2021-08-01 15:02 Christian Grothoff Status confirmed => assigned
2021-08-01 15:02 Christian Grothoff Product Version => git (master)
2021-08-01 15:02 Christian Grothoff Target Version => 0.8
2021-08-02 19:44 Christian Grothoff Status assigned => resolved
2021-08-02 19:44 Christian Grothoff Resolution open => fixed
2021-08-02 19:44 Christian Grothoff Fixed in Version => 0.8
2021-08-02 19:44 Christian Grothoff Note Added: 0018053
2021-08-24 16:22 Christian Grothoff Status resolved => closed