load-ajax.php - Printable Version +- GetSimple Support Forum (http://get-simple.info/forums) +-- Forum: GetSimple (http://get-simple.info/forums/forumdisplay.php?fid=3) +--- Forum: GS Development Testing - (alpha/beta) (http://get-simple.info/forums/forumdisplay.php?fid=14) +--- Thread: load-ajax.php (/showthread.php?tid=3621) |
load-ajax.php - shawn_a - 2012-09-27 Does anyone use this. I will be removing it entirely from SVN, as it poses a grave security threat. load-ajax.php - shovenose - 2012-09-27 What does it do? load-ajax.php - mikeh - 2012-09-27 shawn_a Wrote:Does anyone use this.What is the security threat? load-ajax.php - shawn_a - 2012-09-27 see issue 354 load-ajax.php - ccagle8 - 2012-09-27 it was definitely created so plugins to use it in their ajax calls, but I cannot remember who requested it. I vote for it's removal if we can't make it secure. load-ajax.php - shawn_a - 2012-09-27 We can always redesign that functionality securly with a proper api, but this most certainly needs to be removed. load-ajax.php - mvlcek - 2012-09-27 Definitely remove it. Any plugin needing ajax functionality can include a file like this but limited to exactly the functionality that is needed. |