Merge #20741: doc: Update 'Secure string handling'

7117d7503f39f06b74c84777ec4db5d456a8086f Update 'Secure string handling' (Prayank)

Pull request description:

  - Add information about possible path traversal attack
  - [wallet_name](https://bitcoincore.org/en/doc/0.20.0/rpc/wallet/createwallet/) (string): _The name for the new wallet. If this is a 'path', the wallet will be created at the 'path' location._

  Fixes https://github.com/bitcoin/bitcoin/issues/20128 (Not really fixing it but workaround)

  This PR is an alternative to https://github.com/bitcoin/bitcoin/pull/20393

ACKs for top commit:
  michaelfolkson:
    ACK 7117d7503f39f06b74c84777ec4db5d456a8086f
  RiccardoMasutti:
    ACK 7117d7503f
  benthecarman:
    ACK 7117d7503f39f06b74c84777ec4db5d456a8086f

Tree-SHA512: 0d6c4f8db5feba848bbb583e87a99e6c4b655deaa2b566164e2632acc1aabf470d4626d2dc4b82c4997effc30d9b474d860d0e0d3e896648c5cc9bfdb623da6d
Wladimir J. van der Laan 2021-01-09 09:00:08 +01:00 committed by Pasta
parent f01f7603ce
commit 66d6e52d13
No known key found for this signature in database
GPG Key ID: 52527BEDABE87984

@ -88,13 +88,14 @@ RPC interface will be abused.
- **Secure string handling:** The RPC interface does not guarantee any
escaping of data beyond what's necessary to encode it as JSON,
although it does usually provide serialized data using a hex
representation of the bytes. If you use RPC data in your programs or
provide its data to other programs, you must ensure any problem
strings are properly escaped. For example, multiple websites have
been manipulated because they displayed decoded hex strings that
included HTML `<script>` tags. For this reason, and other
non-security reasons, it is recommended to display all serialized data
in hex form only.
representation of the bytes. If you use RPC data in your programs or
provide its data to other programs, you must ensure any problem strings
are properly escaped. For example, the `createwallet` RPC accepts
arguments such as `wallet_name` which is a string and could be used
for a path traversal attack without application level checks. Multiple
websites have been manipulated because they displayed decoded hex strings
that included HTML `<script>` tags. For this reason, and others, it is
recommended to display all serialized data in hex form only.
## RPC consistency guarantees
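Review bot: The new `createwallet` sentence is placed between "you must ensure any problem strings are properly escaped" and the closing recommendation to "display all serialized data in hex form only", yet neither escaping nor hex display addresses a path traversal through `wallet_name`. Consider stating what the "application level checks" should be (for example, that callers must validate or restrict `wallet_name` before passing untrusted input to the RPC) and moving the sentence after the hex recommendation or into its own bullet, so that "For this reason" still clearly refers to the `<script>` case. Two smaller points in the same paragraph: "other non-security reasons" was shortened to "others", which drops the hint that the hex recommendation is not purely a security measure, and "`wallet_name` which is a string" needs a comma before "which".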