[Pkg-mono-svn-commits] [SCM] mono branch, master, updated. debian/2.4.4.svn151842-2-51-g38682b8
Mirco Bauer
meebey at meebey.net
Thu Jun 24 23:39:37 UTC 2010
The following commit has been merged in the master branch:
commit 3c5b705bad76f5e99439add02a30b30972b51db7
Author: Jo Shields <directhex at apebox.org>
Date: Tue Jun 22 09:39:10 2010 +0100
slight port of upstream SVN revision 154493 to fix potential XSS issue documented as CVE-2010-1459
diff --git a/mcs/class/System.Web/System.Web.Compilation/PageCompiler.cs b/mcs/class/System.Web/System.Web.Compilation/PageCompiler.cs
index 5c3fdc2..9210035 100644
--- a/mcs/class/System.Web/System.Web.Compilation/PageCompiler.cs
+++ b/mcs/class/System.Web/System.Web.Compilation/PageCompiler.cs
@@ -427,6 +427,13 @@ namespace System.Web.Compilation
#endif
}
+ if (!pageParser.EnableViewStateMac) {
+ CodeAssignStatement stmt = new CodeAssignStatement ();
+ stmt.Left = new CodePropertyReferenceExpression (thisRef, "EnableViewStateMac");
+ stmt.Right = new CodePrimitiveExpression (false);
+ method.Statements.Add (stmt);
+ }
+
#if NET_2_0
CodeAssignStatement AssignOutputCacheParameter (CodeVariableReferenceExpression variable, string propName, object value)
{
diff --git a/mcs/class/System.Web/System.Web.UI/Page.cs b/mcs/class/System.Web/System.Web.UI/Page.cs
index ed46c86..38797a5 100644
--- a/mcs/class/System.Web/System.Web.UI/Page.cs
+++ b/mcs/class/System.Web/System.Web.UI/Page.cs
@@ -83,7 +83,7 @@ public partial class Page : TemplateControl, IHttpHandler
bool _hasEnabledControlArray;
#endif
bool _viewState;
- bool _viewStateMac;
+ bool _viewStateMac = true;
string _errorPage;
bool is_validated;
bool _smartNavigation;
diff --git a/mcs/class/System.Web/System.Web.UI/PageParser.cs b/mcs/class/System.Web/System.Web.UI/PageParser.cs
index 29e75e6..294c952 100644
--- a/mcs/class/System.Web/System.Web.UI/PageParser.cs
+++ b/mcs/class/System.Web/System.Web.UI/PageParser.cs
@@ -378,10 +378,8 @@ namespace System.Web.UI
enable_event_validation = GetBool (atts, "EnableEventValidation", enable_event_validation);
maintainScrollPositionOnPostBack = GetBool (atts, "MaintainScrollPositionOnPostBack", maintainScrollPositionOnPostBack);
#endif
- // Ignored by now
- GetString (atts, "EnableViewStateMac", null);
- GetString (atts, "SmartNavigation", null);
-
+ enableViewStateMac = GetBool (atts, "EnableViewStateMac", enableViewStateMac);
+ smartNavigation = GetBool (atts, "SmartNavigation", smartNavigation);
base.ProcessMainAttributes (atts);
}
--
mono
More information about the Pkg-mono-svn-commits
mailing list