summaryrefslogtreecommitdiff
path: root/p11-kit/fixtures
diff options
context:
space:
mode:
authorLubomir Rintel <lkundrak@v3.sk>2016-12-28 16:11:21 +0100
committerDaiki Ueno <ueno@gnu.org>2017-01-12 14:17:43 +0100
commitcbf1e42e39c030edb3e2c72ae9b4d7dd7ccf3eea (patch)
tree1876cae3485cf00a28e57084f346a4c3728751e6 /p11-kit/fixtures
parent287ae8c14145d9cef55079e4de36b1607176cf89 (diff)
uri: fix the query attribute parsing
The pin-* attributes belong to the query part. We should not parse them until we see a '?' and they're separated with a '&'. This might be an important thing -- some of the query attributes may have security implications reaching outside scope of the token itself, to the host system itself. E.g. a pin-source may cause the consumer to access a file or module-path (unimplemented) execute code. The user may want to just chop the attribute part off if they want the consumer access the token and not take the security considerations into account.
Diffstat (limited to 'p11-kit/fixtures')
0 files changed, 0 insertions, 0 deletions