[Mono-bugs] [Bug 418620] Sys.Web is prone to "HTTP header injection" attacks
bugzilla_noreply at novell.com
bugzilla_noreply at novell.com
Wed Aug 20 08:16:46 EDT 2008
https://bugzilla.novell.com/show_bug.cgi?id=418620
User juraj at hotfeet.ch added comment
https://bugzilla.novell.com/show_bug.cgi?id=418620#c9
--- Comment #9 from Juraj Skripsky <juraj at hotfeet.ch> 2008-08-20 06:16:45 MDT ---
Created an attachment (id=234421)
--> (https://bugzilla.novell.com/attachment.cgi?id=234421)
optimization
Marek, what do you think about this patch?
Calling WebConfigurationManager.GetSection() for every single header makes me
feel a bit uneasy. GetSection will use the "sectionCache" property which in
turn uses the icall AppDomain.GetData. And ves_icall_System_AppDomain_GetData
uses the domain lock...
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
More information about the mono-bugs
mailing list