[dev] Re: [cvs] commit: horde/services go.php
Jan Schneider
jan at horde.org
Sat Aug 7 09:36:03 PDT 2004
Zitat von Chuck Hagenbuch <chuck at horde.org>:
> Quoting Jan Schneider <jan at horde.org>:
>
>> Log:
>> If an "untrusted" parameter is set, pass the url content through,
>> if it does
>> not come from the local site. Otherwise cancel the request.
>>
>> Better ideas to catch only the horde web root instead of the whole website
>> *without* loading the registry are welcome.
>
> What is this intended to accomplish? I'm having trouble wrapping my
Redirecting embedded images like
<img src="admin/user.php?action=delete&user=all" />
> head around
> it without context. Also, why do we not want to load the registry? Just
> performance/efficiency?
Yes.
Jan.
--
Do you need professional PHP or Horde consulting?
http://horde.org/consulting.php
More information about the dev
mailing list