Commit 19516190 authored by Oliver Hader

Fixed bug #15898: It is (still) possible to download arbitrary files through...

Fixed bug #15898: It is (still) possible to download arbitrary files through the jumpurl feature (thanks to Helmut Hummel and Marcus Krause)

git-svn-id: https://svn.typo3.org/TYPO3v4/Core/branches/TYPO3_4-1@8978 709f56b5-9817-0410-a4d7-c38de5d9e867
parent 88cf8b06
2010-10-06 Oliver Hader <oliver@typo3.org>
* Fixed bug #15898: It is (still) possible to download arbitrary files through the jumpurl feature (thanks to Helmut Hummel and Marcus Krause)
2010-08-06 Oliver Hader <oliver@typo3.org>
* Release of TYPO3 4.1.15
......
......@@ -2328,7 +2328,7 @@
);
$calcJuHash=t3lib_div::shortMD5(serialize($hArr));
$juHash = t3lib_div::_GP('juHash');
if ($juHash == $calcJuHash) {
if ($juHash === $calcJuHash) {
if ($this->locDataCheck($locationData)) {
$this->jumpurl = rawurldecode($this->jumpurl); // 211002 - goes with cObj->filelink() rawurlencode() of filenames so spaces can be allowed.
// Deny access to files that match TYPO3_CONF_VARS[SYS][fileDenyPattern] and whose parent directory is typo3conf/ (there could be a backup file in typo3conf/ which does not match against the fileDenyPattern)
......
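Review bot: The switch to `===` on the `if ($juHash === $calcJuHash)` line carries no comment saying why strict comparison matters here, so a later cleanup could quietly revert it. With `==`, PHP compares two numeric-looking strings as numbers, so a submitted juHash could be accepted without being the same string as the calculated one; a one-line comment above the check stating that would document the intent. `$juHash` also comes straight from `t3lib_div::_GP('juHash')` with no type check: `===` now rejects non-string input as a side effect, but an explicit `is_string($juHash)` guard before the comparison would make that deliberate. The elided lines above the hunk do not show what goes into `$hArr`, so it is worth confirming that the serialized array includes a server-side secret, since the value compared is only a short MD5.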