]> git.immae.eu Git - github/shaarli/Shaarli.git/commit
projects / github / shaarli / Shaarli.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: df25b28) | patch
Security: fix multiple XSS vulnerabilities + fix search tags with special chars 1585/head
authorArthurHoaro <arthur@hoa.ro>
Tue, 6 Oct 2020 15:30:18 +0000 (17:30 +0200)
committerArthurHoaro <arthur@hoa.ro>
Tue, 6 Oct 2020 15:30:18 +0000 (17:30 +0200)
commit72fbbcd6794facea2cf06d9742359d190257b00f
treea4d6f446ec861f9a7591edb31f322e2a846b2bactree | snapshot
parentdf25b28dcd3cde54d42c18a55a810daa82bf5727commit | diff
Security: fix multiple XSS vulnerabilities + fix search tags with special chars

XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list.

Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong.
application/Utils.php diff | blob | blame | history
application/formatter/BookmarkFormatter.php diff | blob | blame | history
application/front/controller/admin/ManageShaareController.php diff | blob | blame | history
application/front/controller/admin/ManageTagController.php diff | blob | blame | history
application/front/controller/visitor/BookmarkListController.php diff | blob | blame | history
application/front/controller/visitor/TagCloudController.php diff | blob | blame | history
application/render/PageBuilder.php diff | blob | blame | history
assets/default/js/base.js diff | blob | blame | history
tpl/default/linklist.html diff | blob | blame | history
tpl/default/tag.cloud.html diff | blob | blame | history
tpl/default/tag.list.html diff | blob | blame | history
The personal, minimalist, super-fast, database free, bookmarking service - community repo