ForeverFrame transport should validate frameId passed through the URL #1446

Closed
DamianEdwards opened this Issue Jan 29, 2013 · 1 comment

2 participants

@DamianEdwards
SignalR member

The value of frameId in the querystring is reflected back into a script block in HTML and thus should be validated. It should only allow an integer value.

@DamianEdwards DamianEdwards added a commit that referenced this issue Jan 30, 2013
@DamianEdwards DamianEdwards Ensure ForeverFrameTransport throws if frameId is not a number
- Added a test to verify the exception when not a number which required making InitializeResponse protected internal
- #1446
b58782d
@DamianEdwards DamianEdwards added a commit that referenced this issue Jan 30, 2013
@DamianEdwards DamianEdwards Ensure ForeverFrameTransport throws if frameId is not a number
- Added a test to verify the exception when not a number which required making InitializeResponse protected internal
- #1446
02008b1
@Xiaohongt
SignalR member

verified

@Xiaohongt Xiaohongt closed this Jan 31, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment