jersey
  1. jersey
  2. JERSEY-1055

Fix vulnerable sample of code in documentation

    Details

    • Type: Task Task
    • Status: Resolved
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 1.12
    • Fix Version/s: 1.13
    • Component/s: docs
    • Labels:
      None

      Description

      http://jersey.java.net/nonav/documentation/latest/jax-rs.html#d4e324

      The previous sample of code provided in the documentation should sanitize the parameter image before being pass to the File constructor.

      ... or the section could be rename "Filesystem backdoor"

        Activity

        There are no comments yet on this issue.

          People

          • Assignee:
            Michal Gajdos
            Reporter:
            h3xstream
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: