[Solar-talk] email header injection and new email class
Jeff Surgeson
solar at 3hex.com
Sun Apr 1 12:46:52 PDT 2007
> Quick followup: the newest SVN code now has extra paranoia when it
> comes to CR and LF characters; take a look at (e.g.) the
> Solar_Mail_Message::addHeader() and addTo() methods, and the
> Solar_Mail_Message_Part class getter/setter methods.
>
> Please let me know if you see any other possible injection locations.
That is awesome, thanks for the quick response to that, I will update that
site with my new framework based on svn and see if they can hack it :-D
Cheers!
--
...........::::::...........
Jeff Surgeson / South Africa
More information about the solar-talk
mailing list