Page MenuHomeSoftware Heritage
Differential D7454

Save Forge Now: Fix XSS in request list
ClosedPublic
Actions

Authored by vlorentz on Mar 29 2022, 2:00 PM.

Details

Reviewers
anlambert
ardumont
Group Reviewers
Reviewers
Commits
rDWAPPS853e39f633db: Save Forge Now: Fix XSS in request list
Summary

Origin URLs were printed unsanitized

Same issue as in D7365#191764

Diff Detail

Repository
rDWAPPS Web applications
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

vlorentz created this revision.Mar 29 2022, 2:00 PM
Herald added a reviewer: Reviewers. · View Herald TranscriptMar 29 2022, 2:00 PM
swh-public-ci added a comment.Mar 29 2022, 2:18 PM

Build is green

Patch application report for D7454 (id=26984)

Rebasing onto f7281122f2...

Current branch diff-target is up to date.
Changes applied before test
commit 853e39f633dbecb75ca043411204066e35e27e5a
Author: Valentin Lorentz <vlorentz@softwareheritage.org>
Date:   Tue Mar 29 13:58:47 2022 +0200

    Save Forge Now: Fix XSS in request list
    
    Origin URLs were printed unsanitized

See https://jenkins.softwareheritage.org/job/DWAPPS/job/tests-on-diff/1621/ for more details.

Harbormaster completed remote builds in B27900: Diff 26984.Mar 29 2022, 2:18 PM
vlorentz requested review of this revision.Mar 29 2022, 2:18 PM
anlambert accepted this revision.Mar 29 2022, 2:27 PM
This revision is now accepted and ready to land.Mar 29 2022, 2:27 PM
ardumont accepted this revision.Mar 29 2022, 2:28 PM
Closed by commit rDWAPPS853e39f633db: Save Forge Now: Fix XSS in request list (authored by vlorentz). · Explain WhyMar 29 2022, 2:35 PM
This revision was automatically updated to reflect the committed changes.
vlorentz added a commit: rDWAPPS853e39f633db: Save Forge Now: Fix XSS in request list.
vlorentz mentioned this in T4231: Split archive browsing and administration/moderation.May 11 2022, 11:19 AM

Revision Contents
Changeset List

PathSize
assets/
src/
bundles/
add_forge/
6 lines

Diff 26987

View Options

assets/src/bundles/add_forge/create-request.js

Loading...
About · Developer information · Legal