Fix: forbid session name creation if contains /
This adds a validation function for session name which for now denies
any session name containing '/'.
This is in response of bug #721 that actually uses a path as a session
name such as "test/../session1" which would then be concatenated to the
session path adding a relative path to it making this a serious security
issue.
Because of this issue, this is backported from master up to stable-2.3.
Fixes #721
Signed-off-by: David Goulet <dgoulet@efficios.com>
This page took 0.025801 seconds and 4 git commands to generate.