-const char cgi_rcs[] = "$Id: cgi.c,v 1.70.2.9 2003/05/08 15:11:31 oes Exp $";
+const char cgi_rcs[] = "$Id: cgi.c,v 1.70.2.10 2003/06/06 07:54:25 oes Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/Attic/cgi.c,v $
*
* Revisions :
* $Log: cgi.c,v $
+ * Revision 1.70.2.10 2003/06/06 07:54:25 oes
+ * Security fix: dspatch_known_cgi no longer considers an empty
+ * referrer safe for critical CGIs, since malicious links could
+ * reside on https:// locations which browsers don't advertize as
+ * referrers. Closes bug #749916, thanks to Jeff Epler for the
+ * hint. Goodbye One-Click[tm] toggling :-(
+ *
* Revision 1.70.2.9 2003/05/08 15:11:31 oes
* Nit
*
*/
const char image_blank_data[] =
"\211\120\116\107\015\012\032\012\000\000\000\015\111\110\104\122"
- "\000\000\000\004\000\000\000\004\010\006\000\000\000\251\361\236"
- "\176\000\000\000\007\164\111\115\105\007\322\003\013\020\073\070"
- "\013\025\036\203\000\000\000\011\160\110\131\163\000\000\013\022"
- "\000\000\013\022\001\322\335\176\374\000\000\000\004\147\101\115"
- "\101\000\000\261\217\013\374\141\005\000\000\000\033\111\104\101"
- "\124\170\332\143\070\161\342\304\207\377\377\377\347\302\150\006"
- "\144\016\210\146\040\250\002\000\042\305\065\221\270\027\131\110"
+ "\000\000\000\001\000\000\000\001\001\003\000\000\000\045\333\126"
+ "\312\000\000\000\003\120\114\124\105\377\377\377\247\304\033\310"
+ "\000\000\000\001\164\122\116\123\000\100\346\330\146\000\000\000"
+ "\001\142\113\107\104\000\210\005\035\110\000\000\000\012\111\104"
+ "\101\124\170\001\143\140\000\000\000\002\000\001\163\165\001\030"
"\000\000\000\000\111\105\116\104\256\102\140\202";
#else