----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: http://codereview.secondlife.com/r/242/#review512 -----------------------------------------------------------
Before shipping, review the exploit history around CURLOPT_ENCODING. There is a known buffer overflow exploit, I believe in pre-7.20 releases but that should be checked first for applicability. - Monty On March 28, 2011, 6:22 p.m., Stone Linden wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > http://codereview.secondlife.com/r/242/ > ----------------------------------------------------------- > > (Updated March 28, 2011, 6:22 p.m.) > > > Review request for Viewer, Oz Linden, Joshua Linden, and Brad Kittenbrink. > > > Summary > ------- > > Enable Accept-Encoding: deflate, gzip in libcurl via setopt CURLOPT_ENCODING. > I'm approaching this for Inventory, but it would apply to any HTTP request > that goes through the LLURLRequest code path (vs. the LLCurl code path, which > already does this). > > > Diffs > ----- > > indra/llmessage/llurlrequest.cpp 2ae060c0fa91 > > Diff: http://codereview.secondlife.com/r/242/diff > > > Testing > ------- > > Inventory loads, and I see the encoding options coming through on the backend > apache logs. > > > Thanks, > > Stone > >
_______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
