Skip to content
Snippets Groups Projects
Commit 3356e9b9 authored by Benni Mack's avatar Benni Mack Committed by Oliver Hader
Browse files

[SECURITY] Limit the search results per page 

Indexed Search allows to show up to 100.000
entries per page by configuring the paging
entry via a GET/POST variable, leading to a
possible DoS attack.

The max limit is set to 100 entries per page,
as a reasonable limit for the website search
results.

Resolves: #73458
Releases: master, 7.6, 6.2
Security-Commit: ea0c1c4377b1111e4a822981a6a948b96dc0215f
Security-Bulletins: TYPO3-CORE-SA-2016-005, 006, 007, 008
Change-Id: I7d2ff1c3ba388a9bfc0be0cd905a8e24a14f13d8
Reviewed-on: https://review.typo3.org/46836


Reviewed-by: default avatarOliver Hader <oliver.hader@typo3.org>
Tested-by: default avatarOliver Hader <oliver.hader@typo3.org>
parent 2c31fac7
Branches
Tags
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment