Mercurial > p > roundup > code
view doc/index.txt @ 4088:34434785f308
Plug a number of security holes:
- EditCSV and ExportCSV altered to include permission checks
- HTTP POST required on actions which alter data
- HTML file uploads served as application/octet-stream
- New item action reject creation of new users
- Item retirement was not being controlled
Additionally include documentation of the changes and modify affected tests.
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Thu, 12 Mar 2009 02:25:03 +0000 |
| parents | bca7c59ac400 |
| children | 7c576a4dea9d |
line wrap: on
line source
======================================================= Roundup: an Issue-Tracking System for Knowledge Workers ======================================================= Contents ======== .. toctree:: :maxdepth: 2 features installation upgrading FAQ user_guide customizing admin_guide spec original design <design> developers tracker_templates contact acknowledgements license