Changeset 1770 for FCKeditor.Net
- Timestamp:
- 2008-03-22 11:59:58 (8 months ago)
- Location:
- FCKeditor.Net/trunk
- Files:
-
- 2 modified
-
FileBrowser/Connector.cs (modified) (2 diffs)
-
_whatsnew.html (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
FCKeditor.Net/trunk/FileBrowser/Connector.cs
r1202 r1770 38 38 if ( !Config.Enabled ) 39 39 { 40 XmlResponseHandler.SendError( Response, 1, "This connector is disabled. Please check the \"editor/filemanager/connectors/aspx/config.as px\" file." );40 XmlResponseHandler.SendError( Response, 1, "This connector is disabled. Please check the \"editor/filemanager/connectors/aspx/config.ascx\" file." ); 41 41 return; 42 42 } … … 67 67 68 68 // Check for invalid folder paths (..). 69 if ( sCurrentFolder.IndexOf( ".." ) >= 0 )69 if ( sCurrentFolder.IndexOf( ".." ) >= 0 || sCurrentFolder.IndexOf( "\\" ) >= 0 ) 70 70 { 71 71 XmlResponseHandler.SendError( Response, 102, "" ); -
FCKeditor.Net/trunk/_whatsnew.html
r1701 r1770 40 40 <li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/1945">#1945</a>] New folders 41 41 and file names are now properly sanitized against control characters.</li> 42 <li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/1944">#1944</a>] The "\" 43 character is now properly verified for all connector requests.</li> 42 44 </ul> 43 45 <h3>
