Skip to content
GitLab
Projects Groups Topics Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • G gestioCOF
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
  • Issues 76
    • Issues 76
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 16
    • Merge requests 16
  • Deployments
    • Deployments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar
  • Klub Dev ENSKlub Dev ENS
  • gestioCOF
  • Merge requests
  • !188

Hotfix/prevent ldap injection

  • Review changes

  • Download
  • Patches
  • Plain diff
Merged Martin Pepin requested to merge hotfix/prevent_ldap_injection into master Mar 17, 2017
  • Overview 13
  • Commits 7
  • Pipelines 0
  • Changes 8

Prevent LDAP injections in the autocompletion process by restricting the query to the alphanumeric words.

We let the users know about it by adding a help-text above each autocompletion input.

I can push this code to https://dev.cof.ens.fr/gestion upon request to allow the reviewers to test it on the actual LDAP database.

Fixes #150

Assignee
Assign to
Reviewers
Request review from
Time tracking
Source branch: hotfix/prevent_ldap_injection