Comment 7 for bug 1927677

melanie witt (melwitt) wrote : Re: novnc allowing open direction which could potentially be used for phishing

Also, I have tested the patch in comment 5 in devstack and verified it works to return a 400 Bad Request if "//" is included in the URL to redirect, provided that the browser has not previously cached a past redirect.

I used the following URL to test: http://127.0.0.1:6080//google.com/%2F..
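
The check described in the comment above can be reproduced as a small regression test. This is an added example, not part of the original comment and not the patch from comment 5; it assumes a handler built on Python's `http.server.SimpleHTTPRequestHandler`, and `NoDoubleSlashHandler`, `starts_with_double_slash` and `probe` are hypothetical names.

```python
import http.client
import threading
from http import HTTPStatus
from http.server import SimpleHTTPRequestHandler, ThreadingHTTPServer


def starts_with_double_slash(requestline):
    """True if the request target in a raw request line begins with '//'."""
    parts = requestline.split()
    return len(parts) >= 2 and parts[1].startswith("//")


class NoDoubleSlashHandler(SimpleHTTPRequestHandler):
    """Hypothetical handler: answers 400 when the target starts with '//'."""

    def send_head(self):
        # Redirecting a directory to its trailing-slash form echoes the path
        # into Location, and browsers read a leading '//' there as a
        # scheme-relative URL on another host. Newer Python releases collapse
        # the slashes in self.path, so check the raw request line instead.
        if starts_with_double_slash(self.requestline):
            self.send_error(HTTPStatus.BAD_REQUEST, "URI must not start with //")
            return None
        return super().send_head()

    def log_message(self, fmt, *args):
        pass  # keep the example quiet


def probe(path):
    """Serve on a loopback port, GET `path`, return (status, Location)."""
    server = ThreadingHTTPServer(("127.0.0.1", 0), NoDoubleSlashHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        port = server.server_address[1]
        conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
        conn.request("GET", path)
        resp = conn.getresponse()
        resp.read()
        conn.close()
        return resp.status, resp.getheader("Location")
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    for p in ("//google.com/%2F..", "/"):
        print(p, probe(p))
```

Because the probe uses a fresh HTTP client for each request, it is not affected by the cached-redirect caveat that applies to browser testing.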