authorAndreas Gohr <andi@splitbrain.org>2009-09-29 20:28:32 +0200
committerAndreas Gohr <andi@splitbrain.org>2009-09-29 20:28:32 +0200
commit66b23ce9f134c838f393fa452c450f8b6fc147c3 (patch)
tree5445b8bc8a943e98e58c44f7f7fe86c78bf1a239
parent0d5f4833689967dde7f9fc2cbd1b6ada533bbb73 (diff)
Send export_raw as attachement to avoid IE's content sniffing [security]
Ignore-this: 9b6ef0179df729d4bc41c2d746965134 With MSIE's content-sniffing [1], the export_raw mode could be used for XSS attacks against MSIE users. Sending the export as a download circumvents that. [1] http://www.splitbrain.org/blog/2007-02/12-internet_explorer_facilitates_cross_site_scripting darcs-hash:20090929182832-7ad00-085deb3fa8cc939b55cd293a8f4780b4b170d2e6.gz
-rw-r--r--inc/actions.php3
1 files changed, 2 insertions, 1 deletions
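--- a/inc/actions.php
+++ b/inc/actions.php
@@ -462,7 +462,7 @@ function act_edit($act){
 * Export a wiki page for various formats
 *
 * Triggers ACTION_EXPORT_POSTPROCESS
- *
+ *
 * Event data:
 * data['id'] -- page id
 * data['mode'] -- requested export mode
@@ -490,6 +490,7 @@ function act_export($act){
 switch($mode) {
 case 'raw':
 $headers['Content-Type'] = 'text/plain; charset=utf-8';
+ $headers['Content-Disposition'] = 'attachment; filename='.noNS($ID).'.txt';
 $output = rawWiki($ID,$REV);
 break;
 case 'xhtml':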
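Review bot: The `$headers['Content-Disposition']` line added in the `raw` case embeds `noNS($ID)` unquoted and unescaped, so the filename parameter is only well-formed if the page id is restricted to characters that are safe in a header token; DokuWiki's id cleaning presumably guarantees that, but quoting the value keeps the header valid regardless, e.g. `$headers['Content-Disposition'] = 'attachment; filename="'.noNS($ID).'.txt"';`. Non-ASCII page ids would still be sent as raw bytes in the header, which is what the RFC 6266 `filename*` form exists for, and that is worth noting in a comment on this line if ids can contain such characters. Since the stated motivation is MSIE content sniffing, setting `$headers['X-Content-Type-Options'] = 'nosniff';` next to the Content-Type would address the sniffing directly, as defence in depth alongside the download disposition. act_export continues outside the hunk, so where `$headers` is actually emitted is not visible here.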