Project

General

Profile

Actions

bug #9220

closed

adapt dataportal to /registrationDTO now using identifier as query parameter and secure against CVE-2007-0450 vulnerability

Added by Andreas Kohlbecker about 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Highest
Category:
cdm-dataportal
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Severity:
normal
Found in Version:

Description

A)
the registration page must be secured against CVE-2007-0450 by using an identifier query parameter.

B)
after solving #9218: adapt dataportal to /registrationDTO & /registration now using identifier as query parameter

http://cdmserver.org/registrationDTO?identifier=http://testbank.org/100001
http://cdmserver.org/registration/status?identifier=http://testbank.org/100001

Related issues

Related to EDIT - bug #9218: Change /registrationDTO/identifier/... signatures to use query parameters insteadClosedAndreas Kohlbecker

Actions
Related to EDIT - task #9219: Revert: requests with %2F in URL are rejected by apache NewAndreas Kohlbecker

Actions
Related to EDIT - bug #9383: Adapt apache configuration to modified dataportal registration page URL patternClosedAndreas Kohlbecker

Actions
Actions #1

Updated by Andreas Kohlbecker about 2 years ago

  • Related to bug #9218: Change /registrationDTO/identifier/... signatures to use query parameters instead added
Actions #2

Updated by Andreas Kohlbecker about 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 50
Actions #3

Updated by Andreas Kohlbecker about 2 years ago

  • Subject changed from adapt dataportal to /registrationDTO now using identifier as query parameter to adapt dataportal to /registrationDTO now using identifier as query parameter and secure against CVE-2007-0450 vulnerability
  • Description updated (diff)
Actions #4

Updated by Andreas Kohlbecker about 2 years ago

  • Related to task #9219: Revert: requests with %2F in URL are rejected by apache added
Actions #5

Updated by Andreas Kohlbecker almost 2 years ago

  • Status changed from Resolved to Closed
  • % Done changed from 50 to 100
Actions #6

Updated by Andreas Kohlbecker almost 2 years ago

  • Related to bug #9383: Adapt apache configuration to modified dataportal registration page URL pattern added
Actions

Also available in: Atom PDF