[prev in list] [next in list] [prev in thread] [next in thread]
List: gallery-devel
Subject: [Gallery-devel] FYI: [img] image embedding is disabled on the forums
From: Bharat Mediratta <bharat () menalto ! com>
Date: 2013-06-13 5:02:53
Message-ID: CAESa+_mxy4erjE1gJVKvRD6NKaph=m1garAzVdkTU0U0NR7G_Q () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hey guys. John Carroll alerted us to a potential vulnerability with
embedding images from remote servers on pages that we serve from our
forums. It's a relatively low risk that is unlikely to affect our users,
but it's worth guarding against. As a result, I've disabled this embedding
feature. When we upgrade Drupal to version 7 (under way!) we can bring
this functionality back.
Sorry. Security is the enemy of convenience and all that.
-Bharat
[Attachment #5 (text/html)]
<div dir="ltr"><br><div style>Hey guys. John Carroll alerted us to a potential \
vulnerability with embedding images from remote servers on pages that we serve from \
our forums. It's a relatively low risk that is unlikely to affect our users, but \
it's worth guarding against. As a result, I've disabled this embedding \
feature. When we upgrade Drupal to version 7 (under way!) we can bring this \
functionality back. </div>
<div style><br></div><div style>Sorry. Security is the enemy of convenience and all \
that.</div><div style><br></div><div style>-Bharat</div></div>
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
__[ g a l l e r y - d e v e l ]_________________________
[ list info/archive --> http://gallery.sf.net/lists.php ]
[ gallery info/FAQ/download --> http://gallery.sf.net ]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic