Add a .htaccess and web.config entry to mitigate against SA-CORE-2018-005

Created on 13 August 2018, over 6 years ago
Updated 4 April 2025, 2 days ago

Problem/Motivation

SA-CORE-2018-005

Proposed resolution

Add a .htaccess and web.config mitigation.

Remaining tasks

Patch file needs review.

User interface changes

None

API changes

None

Data model changes

None

📌 Task
Status

Needs work

Version

11.0 🔥

Component

base system

Created by

🇦🇺Australia pasan.gamage

Live updates comments and jobs are added and updated live.
  • Security improvements

    It makes Drupal less vulnerable to abuse or misuse. Note, this is the preferred tag, though the Security tag has a large body of issues tagged to it. Do NOT publicly disclose security vulnerabilities; contact the security team instead. Anyone (whether security team or not) can apply this tag to security improvements that do not directly present a vulnerability e.g. hardening an API to add filtering to reduce a common mistake in contributed modules.

Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.71.5 2024