close

Filter

loading table of contents...

Release Notes / Version 11.2307

Table Of Contents

MediaController with Parameter Validation

The MediaController now validates the URL parameters 'id', 'propertyName', 'hash', 'cropName', 'width' and 'filename'. The missing validation was added for security reasons to prevent DoS attacks.

This change is considered breaking due to the validation, which now might deny requests which previously worked.

There is however a flag available to provide (non-breaking) backward compatibility. Using the config property caas.mediaControllerDisableValidation=true , the validation can be disabled. For security reasons, the default value ist `false`. If you need backward compatibility, validation can be disabled with the risk of potential DoS attacks.

(CMS-21382)

Search Results

Table Of Contents
warning

Your Internet Explorer is no longer supported.

Please use Mozilla Firefox, Google Chrome, or Microsoft Edge.