Re: 1.7 checkout dialog open to clipboard injection
On 12.08.2011 13:39, Stein Somers wrote:
> When opening the checkout dialog on a non-empty folder (to check out
> into a new subfolder), I was surprised to see gibberish entered into
> the url and directory fields. After some experiments, I think that if
> your clipboard contains text starting with a word of at least two
> letters directly followed by a colon, e.g. "am:pm" (without quotes),
> the complete clipboard is pasted as value of both the url and
> directory fields. Maybe this is intended to make it easier to check
> out a URL in your clipboard, but then I don't understand why the
> complete URL is proposed as directory - the dialog itself says that
> colon is not a valid part of a filename (on Windows). If it is
> intended, it should be a little more strict on what it considers to
> be a URL. I don't know where the border is, but if the clipboard
> happens to contain megabytes of lines of text that start with "Error:
> ", it's not meant as a URL...
Improved the url check in r21824.
oo // \\ "De Chelonian Mobile"
(_,\/ \_/ \ TortoiseSVN
\ \_/_\_/> The coolest Interface to (Sub)Version Control
/_/ \_\ http://tortoisesvn.net
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2011-08-12 17:12:11 CEST
This is an archived mail posted to the TortoiseSVN Users