[cvs] commit: horde/config conf.xml horde/docs CHANGES framework/Horde Horde.php framework/Util Util.php horde/services go.php
Chuck Hagenbuch
chuck at horde.org
Fri Sep 12 04:10:06 UTC 2008
chuck 2008-09-12 00:10:06 EDT
Modified files:
config conf.xml
docs CHANGES
Horde Horde.php
Util Util.php
services go.php
Log:
[cjh] Sign parameters to go.php with an HMAC based on a new secret key
configuration value, to prevent using go.php as an open referrer.
[cjh] Make logout tokens only valid for a configurable length of time.
Also:
- checkRequestToken in Horde no longer requires a token only be used once; that
logic is left to Horde_Form, and this matches IMP::checkRequestToken().
- added Util::hmac() along with methods for URL-safe base64 en-/de-coding.
- added ngettext to list of stubbed methods at the end of Util.php
Revision Changes Path
1.687 +72 -22 framework/Horde/Horde.php
1.429 +75 -1 framework/Util/Util.php
1.239 +10 -1 horde/config/conf.xml
1.1157 +3 -0 horde/docs/CHANGES
1.28 +12 -3 horde/services/go.php
Chora Links:
http://cvs.horde.org/diff.php/framework/Horde/Horde.php?r1=1.686&r2=1.687&ty=u
http://cvs.horde.org/diff.php/framework/Util/Util.php?r1=1.428&r2=1.429&ty=u
http://cvs.horde.org/diff.php/horde/config/conf.xml?r1=1.238&r2=1.239&ty=u
http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.1156&r2=1.1157&ty=u
http://cvs.horde.org/diff.php/horde/services/go.php?r1=1.27&r2=1.28&ty=u
More information about the cvs
mailing list