dépôts / lhc / web / wiklou.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b200ac0) | patch
(bug 25793) Don't output the session ID over HTTP, allows session hijacking because...
authorRoan Kattouw <catrope@users.mediawiki.org>
Fri, 5 Nov 2010 11:42:41 +0000 (11:42 +0000)
committerRoan Kattouw <catrope@users.mediawiki.org>
Fri, 5 Nov 2010 11:42:41 +0000 (11:42 +0000)
commitdef196d1376d832236dd1b70e9bcbac9c004fd81
tree2f97ec93b448a2e0ce1abe7fb927cca51e9a5a37tree | snapshot
parentb200ac0c17050f5f8db190780134de4b685226fbcommit | diff
(bug 25793) Don't output the session ID over HTTP, allows session hijacking because logins that failed because no token was specified would output the session ID
includes/api/ApiLogin.php diff | blob | history
Wiklou, le Wiki du Wiklou