[vlc-commits] Revert "Made http-continuous option safe."
Rémi Denis-Courmont
git at videolan.org
Thu Mar 28 16:53:46 CET 2019
vlc/vlc-3.0 | branch: master | Rémi Denis-Courmont <remi at remlab.net> | Wed Mar 27 18:20:16 2019 +0200| [4ed6726c76a3ffee34671cda50732556d8a624fa] | committer: Rémi Denis-Courmont
Revert "Made http-continuous option safe."
As seen 3 years ago with libavformat concat, concatenating streams
leads to interesting security issues such as data exfiltration.
http-continuous is essentially concatenating multiple HTTP resources.
This makes the concatenation-controlling option unsafe as is already
done within the VLC concat module.
This reverts commit b6c17b225587f750737204335f74ec00142bc758.
(cherry picked from commit 29da829f6810c0746a14a2030cc712808c03ab39)
> http://git.videolan.org/gitweb.cgi/vlc/vlc-3.0.git/?a=commit;h=4ed6726c76a3ffee34671cda50732556d8a624fa
---
modules/access/http/access.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/modules/access/http/access.c b/modules/access/http/access.c
index ab72107a04..7eb9f0cc37 100644
--- a/modules/access/http/access.c
+++ b/modules/access/http/access.c
@@ -295,7 +295,6 @@ vlc_module_begin()
add_bool("http-continuous", false, N_("Continuous stream"),
N_("Keep reading a resource that keeps being updated."), true)
- change_safe()
change_volatile()
add_bool("http-forward-cookies", true, N_("Cookies forwarding"),
N_("Forward cookies across HTTP redirections."), true)
More information about the vlc-commits
mailing list