marshsu / timthumb

Automatically exported from code.google.com/p/timthumb
0 stars 0 forks source link

Security patch for /trunk/timthumb.php #274

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Disallowing external sites by default, changed PCRE check to substring check 
per Matthew's suggestion 
(http://code.google.com/p/timthumb/issues/detail?id=273#c2).

Seems to work well.

Original issue reported on code.google.com by frett...@gmail.com on 13 Oct 2011 at 8:21

Attachments:

GoogleCodeExporter commented 9 years ago

Original comment by BinaryMoon on 13 Oct 2011 at 8:38