[horde] Potentially Dangerous URL

[Jan Schneider]

Zitat von Martin Lohmeier <martin at mein-horde.de>:

> can someone tell my why URL that point to the same host are potentially
> dangerous (see horde/services/go.php)?

Because it is an URL created from user input that might trigger an 
action inside Horde.

> And is there a way to work around this in wicked when I add a link to an
> other (non-wiki) page on the same host?

If they are all of the same scheme, you can create a new Text_Wiki rule 
for these links that doesn't use Horde::externalUrl().

Jan.

-- 
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/