From: kink Date: Tue, 14 Jun 2005 10:39:45 +0000 (+0000) Subject: add security considerations to plugins.txt X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=685493693b7762173e2876a2adf6933a772936b1;p=squirrelmail.git add security considerations to plugins.txt git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@9604 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- diff --git a/doc/Development/plugin.txt b/doc/Development/plugin.txt index a51e405c..7ab2dc0b 100644 --- a/doc/Development/plugin.txt +++ b/doc/Development/plugin.txt @@ -1316,6 +1316,34 @@ scope automatically. There is nothing more to do than this: sqgetGlobalVar('favorite_color', $favorite_color, SQ_FORM); +Security considerations +----------------------- + +All plugins should consider the security implications of their plugin. +Of course, if you call external programs you have to use great care, +but the following issues are important to nearly every plugin. + +- Escape any untrusted data before you output it. This is to prevent +cross site scripting attachs. It means that you have to htmlspecialchar() +every variable that comes in through the URL, a mail message or other +external factors, before outputting it. + +- Make sure that your plugin doesn't perform its function when it's not +enabled. If you just call hooks, your hooks won't be called when the +plugin is disabled, but if you also supply extra .php files, you should +check if they perform any function if accessed directly. If they do, you +should check at the start of that file if the plugin is enabled in the +config, and if not, exit the script. Example: + global $plugins; + if ( !in_array('mypluginname', $plugins) ) { + die("Plugin not enabled in SquirrelMail configuration."); + } + +If you have any questions about this or are unsure, please contact the +mailinglist or IRC channel, because security is very important for a +widely used application like SquirrelMail! + + Extra Blank Lines -----------------