Skip to content
This repository has been archived by the owner on Jan 20, 2024. It is now read-only.

Threat Actor Names with "/" In Name #164

Closed
vac4n7 opened this issue Aug 25, 2016 · 3 comments
Closed

Threat Actor Names with "/" In Name #164

vac4n7 opened this issue Aug 25, 2016 · 3 comments

Comments

@vac4n7
Copy link

vac4n7 commented Aug 25, 2016

If you create a threat actor with a "/" in the name, the links to add relationships, edit, or delete don't work because the "/" is passed literally in the links causing a 404. The web server interprets the "/" as designating a directory traversal instead of being part of the object name.

Recommend sanitizing input and output for Threat Actor object names.

Thanks for a great project!
@k3vb0t
Copy link
Contributor

k3vb0t commented Aug 25, 2016
edited
Loading

Sorry, to previous can't replicate comment: can replicate.

@k3vb0t
Copy link
Contributor

k3vb0t commented Aug 25, 2016

This should be an easy encoding change, I'll look into it in the next couple days or so (read: weekend :) )

@k3vb0t
Copy link
Contributor

k3vb0t commented Aug 27, 2016

I fixed this in #165

@k3vb0t k3vb0t mentioned this issue Aug 29, 2016
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@brianwarehime @k3vb0t @vac4n7