1 - Taint causing some GM Tickets to be blocked

Affects cases where the user has shift-clicked a player's name into the text box of the GM ticket.

LinkWrangler hooks SetItemRef to intercept item links - introduces taint.

Shift-clicking a name is handled by SetItemRef - passes the taint onto the GM ticket edit box.

GM Ticket send button fetches text from GM Ticket edit box, tainting the execution path, just before NewGMTicket (protected) gets called.

Can currently see no solution to this problem - LinkWrangler cannot use secure hook on SetItemRef, as it needs to prevent ItemRefTooltip from opening.

User	When	Change

You must login to post a comment. Don't have an account? Register to get one!

Facts

Reported on: 02 Jul 2008
Status: Accepted - Problem reproduced / Need acknowledged.
Type: Other - Some other kind of issue
Priority: Medium - Normal priority.

Reported by

brykrys

Possible assignees

brykrys
- Manager
- Author
Amavana
- Author