Skip to content
Snippets Groups Projects
Commit 1b446cec authored by Benni Mack's avatar Benni Mack Committed by Oliver Hader
Browse files

[SECURITY] Limit the search results per page 

Indexed Search allows to show up to 100.000
entries per page by configuring the paging
entry via a GET/POST variable, leading to a
possible DoS attack.

The max limit is set to 100 entries per page,
as a reasonable limit for the website search
results.

Resolves: #73458
Releases: master, 7.6, 6.2
Security-Commit: 8dc6e3c41d53788966b1ab220acd49a815ccfe7f
Security-Bulletins: TYPO3-CORE-SA-2016-005, 006, 007, 008
Change-Id: I46d825d918d716c6059bb732d3b808dd4bafdc9c
Reviewed-on: https://review.typo3.org/46830


Reviewed-by: default avatarOliver Hader <oliver.hader@typo3.org>
Tested-by: default avatarOliver Hader <oliver.hader@typo3.org>
parent b55c5e79
Branches
Tags
No related merge requests found
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment