MS10-070 Released Out-of-Band Today
The title says it all. Get patching. Hit up the security bulletin for downloads.
The Microsoft SharePoint team has released specific guidance for a workaround for the recently announced ASP.NET vulnerability (Security Advisory 2416728). With a slight modification, this guidance will also apply to SharePoint 2007.
For SharePoint 2010, the relevant web.config entry will look like:
<customErrors defaultRedirect="/_layouts/error2.aspx" mode="On" redirectMode="ResponseRewrite"></customErrors>
While for SharePoint 2007, the web.config entry will read:
<customErrors defaultRedirect="/_layouts/error2.aspx" mode="On"></customErrors>
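To confirm the workaround entry is actually in place, the following check (an added example, not part of the original post or the SharePoint team's guidance) parses a web.config and reports where its customErrors element differs from the entries above. The function name check_custom_errors and the sample configs are assumptions made for illustration; element and attribute names in web.config are case-sensitive, so wrong-case spellings are reported too.

```python
import xml.etree.ElementTree as ET

ERROR_PAGE = "/_layouts/error2.aspx"  # redirect target used in the entries above


def check_custom_errors(web_config_xml, sharepoint_2010=True):
    """Return a list of problems; an empty list means the entry is in place."""
    try:
        root = ET.fromstring(web_config_xml)
    except ET.ParseError as exc:
        return ["not well-formed XML: %s" % exc]

    # Match case-insensitively first so that wrong-case spellings are reported
    # instead of being silently treated as "element not present".
    candidates = [e for e in root.iter() if e.tag.lower() == "customerrors"]
    if not candidates:
        return ["no <customErrors> element found"]

    expected = {"mode": "On", "defaultRedirect": ERROR_PAGE}
    if sharepoint_2010:
        expected["redirectMode"] = "ResponseRewrite"  # only in the 2010 entry

    problems = []
    for elem in candidates:
        if elem.tag != "customErrors":
            problems.append("element <%s> must be spelled <customErrors>" % elem.tag)
        for name, value in expected.items():
            actual = elem.get(name)
            if actual is None:
                wrong_case = [a for a in elem.attrib if a.lower() == name.lower()]
                hint = " (found %r, wrong case)" % wrong_case[0] if wrong_case else ""
                problems.append("missing attribute %s%s" % (name, hint))
            elif actual != value:
                problems.append("%s is %r, expected %r" % (name, actual, value))
    return problems


# Constructed samples: minimal web.config fragments, not taken from a real farm.
GOOD_2010 = """<configuration><system.web>
  <customErrors defaultRedirect="/_layouts/error2.aspx" mode="On" redirectMode="ResponseRewrite" />
</system.web></configuration>"""
REMOTE_ONLY = """<configuration><system.web>
  <customErrors mode="RemoteOnly" defaultRedirect="/_layouts/error2.aspx" />
</system.web></configuration>"""

if __name__ == "__main__":
    for label, xml_text in (("GOOD_2010", GOOD_2010), ("REMOTE_ONLY", REMOTE_ONLY)):
        print(label, check_custom_errors(xml_text) or "OK")
```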
Maxime Bombardier has a post on the subject of fixing one of the bigger issues with the Content Editor web part. For the uninitiated, a Content Editor web part always renders absolute URLs when the rich-text editing capabilities are used. I must admit that I would never have thought to use a control adapter to manipulate the output of the web part on the fly. Now that I have learned something new, you should too.