redirect /index.php/.whatever?... URLs to /index.php?... to avoid Content-Type browser bugs #6156
Labels
c: Security
For issues that make Matomo more secure. Please report issues through HackerOne and not in Github.
Enhancement
For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc.
Major
Indicates the severity or impact or benefit of an issue is much higher than normal but not critical.
Milestone
Some old browsers determine a response's content by the URLs extension, and not the Content-Type HTTP header. Improper URLs like /index.php/.html?... can be used to cause bugs and inject code, so the weird URLs should be redirected when found.
The text was updated successfully, but these errors were encountered: