oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fixed: exporting as HTML leaks sessions for inaccessible assets

Browse source
This commit is contained in:
Graham Knop 2008-03-07 16:35:12 +00:00
parent c3744f160b
commit 797b1d2cc6
2 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/changelog/7.x.x.txt
View file

@ -1,5 +1,6 @@
7.5.6
- Internationalized Calendar templates
- fixed: exporting as HTML leaks sessions for inaccessible assets,
7.5.5
- fixed: Several typos in the new Calendar help documentation.

4
lib/WebGUI/AssetExportHtml.pm
View file

@ -119,6 +119,8 @@ sub _exportAsHtml {
# notify we can't output because user selected can't view the page
unless ($asset->canView($userId)) {
$self->session->output->print(sprintf($i18n->get('bad user privileges')."\n") . $asset->getUrl) unless $quiet;
$assetSession->var->end;
$assetSession->close;
next;
}
@ -139,6 +141,8 @@ sub _exportAsHtml {
next if $exportCheck->getUrl eq '/root';
unless ($exportCheck->get('isExportable')) {
$self->session->output->print("$pathWithFilename skipped, not exportable<br />") unless $quiet;
$assetSession->var->end;
$assetSession->close;
next ASSET;
}
}