[tahoe-lafs-trac-stream] [Tahoe-LAFS] #127: Cap URLs leaked via HTTP Referer header
Tahoe-LAFS
trac at tahoe-lafs.org
Sat Dec 24 04:31:37 UTC 2016
#127: Cap URLs leaked via HTTP Referer header
-------------------------+-------------------------------------------------
Reporter: warner | Owner: davidsarah
Type: defect | Status: assigned
Priority: major | Milestone: soon
Component: code- | Version: 0.7.0
frontend-web | Keywords: confidentiality integrity
Resolution: | preservation capleak research websec
Launchpad Bug: |
-------------------------+-------------------------------------------------
Comment (by Brian Warner <warner@…>):
In [changeset:"639cc92bcf59170aef1bb811c789412cf9c1da5f/trunk"
639cc92/trunk]:
{{{
#!CommitTicketReference repository="trunk"
revision="639cc92bcf59170aef1bb811c789412cf9c1da5f"
Merge PR378: add some no-referrer tags
I think this fixes some, but not all, of the places where <a href> tags
might
cause a browser to leak dircaps via the Referrer header.
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/127 discusses more thorough
fixes.
refs ticket:127
refs tahoe-lafs/tahoe-lafs#151
closes tahoe-lafs/tahoe-lafs#378
}}}
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/127#comment:44>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list