[Buildbot-devel] base.py getAndCheckProperties
Amber Yust
ayust at yelp.com
Wed Apr 6 16:50:58 UTC 2011
Security through superior paranoia, mostly.
~Amber
On Wed, Apr 6, 2011 at 5:18 AM, Stephan Bergmann <
stephan.bergmann at oracle.com> wrote:
> In buildbot-0.8.3p1/buildbot/status/web/base.py getAndCheckProperties,
> where the custom build properties from a HTTP "Force build" request are
> processed, I wonder whether there is any reason to enforce that
> property%dname and property%dvalue each match r'^[\w\.\-\/\~:]*$'.
>
> (That bit me in a BuildBot setup where I wanted to use such a custom
> build property to specify two URIs separated by whitespace. The build
> request was silently dropped, and twisd.log contained the "bad property"
> log.msg.)
>
> -Stephan
>
>
> ------------------------------------------------------------------------------
> Xperia(TM) PLAY
> It's a major breakthrough. An authentic gaming
> smartphone on the nation's most reliable network.
> And it wants your games.
> http://p.sf.net/sfu/verizon-sfdev
> _______________________________________________
> Buildbot-devel mailing list
> Buildbot-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/buildbot-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://buildbot.net/pipermail/devel/attachments/20110406/d4106848/attachment.html>
More information about the devel
mailing list