[tor-bugs] #3709 [TorStatus]: Handle non-integer values in fields marked as integers better
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed Aug 10 07:26:05 UTC 2011
#3709: Handle non-integer values in fields marked as integers better
-----------------------+----------------------------------------------------
Reporter: karsten | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: TorStatus | Version:
Keywords: | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
George reports:
> For a small issue, if you go to the advanced search page and give a
> non-integer value to fields marked as integers - like orport, dirport,
> bandwidth or uptime - you get django's debugging page, which
> fortunately doesn't contain super-sensitive information.
We turned off the Debug mode, so there's no debugging page anymore. But
now we only get an empty page in the error case. There should be some
output saying that only integers are allowed in those fields. More
generally, we should make sure that we check all input very carefully.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3709>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list