mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-10 01:48:00 +00:00
4ae926fa8a
We now have an option where a remote window title query returns a well-formed response containing the empty string. This should keep stop any server-side application that was expecting a response from hanging, while not permitting the response to be influenced by an attacker. We also retain the ability to stay schtum. The existing checkbox has thus grown into a set of radio buttons. I've changed the default to the "empty string" response, even in the backward- compatibility mode of loading old settings, which is a change in behaviour; any users who want the old behaviour back will have to explicitly select it. I think this is probably the Right Thing. (The only drawback I can think of is that an attacker could still potentially use the relevant fixed strings for mischief, but we already have other, similar reports.) [originally from svn r7043] |
||
|---|---|---|
| .. | ||
| blurb.but | ||
| chm.but | ||
| chm.css | ||
| config.but | ||
| errors.but | ||
| faq.but | ||
| feedback.but | ||
| gs.but | ||
| index.but | ||
| intro.but | ||
| licence.but | ||
| Makefile | ||
| man-pg.but | ||
| man-pl.but | ||
| man-pscp.but | ||
| man-psft.but | ||
| man-ptel.but | ||
| man-pter.but | ||
| man-putt.but | ||
| mancfg.but | ||
| manpages.but | ||
| pageant.but | ||
| pgpkeys.but | ||
| plink.but | ||
| pscp.but | ||
| psftp.but | ||
| pubkey.but | ||
| site.but | ||
| udp.but | ||
| using.but | ||
| vids.but | ||