IDEA: Controller Extended by Default |
@kilishan FYI while I was working on this I noticed that a number of methods in system/Controller.php are public (initController, forceHTTPS, cachePage, validate). I'm not sure if they need to be for internal purposes, but this makes them routable endpoints on any controller. E.g. https://example.com/home/cachePage/1, or https://example.com/home/initController. This should definitely be addressed as it is borderline a security issue - let me know if you want help with that.
|
Messages In This Thread |
IDEA: Controller Extended by Default - by MGatner - 03-18-2019, 07:28 AM
RE: IDEA: Controller Extended by Default - by InsiteFX - 03-18-2019, 08:18 AM
RE: IDEA: Controller Extended by Default - by titounnes - 03-19-2019, 03:08 AM
RE: IDEA: Controller Extended by Default - by kilishan - 03-18-2019, 09:55 AM
RE: IDEA: Controller Extended by Default - by MGatner - 03-18-2019, 12:27 PM
RE: IDEA: Controller Extended by Default - by MGatner - 03-19-2019, 07:25 AM
RE: IDEA: Controller Extended by Default - by kilishan - 03-19-2019, 08:07 PM
RE: IDEA: Controller Extended by Default - by MGatner - 03-20-2019, 08:07 AM
RE: IDEA: Controller Extended by Default - by kilishan - 03-20-2019, 08:40 AM
RE: IDEA: Controller Extended by Default - by MGatner - 03-20-2019, 10:23 AM
RE: IDEA: Controller Extended by Default - by MGatner - 03-20-2019, 11:10 AM
|