nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
diaspora/app/assets/javascripts/widgets
History
Jonne Haß ecb1b80e24 Render flash message content with .text 
.html does not escape any html input in these, leading to XSS
attack vectors.

Thanks to A Kai (@sixhundredns) for reporting the related issues.
2014-05-24 16:08:32 +02:00
..
back-to-top.js
direction-detector.js
flash-messages.js Render flash message content with .text 2014-05-24 16:08:32 +02:00
header.js
infinite-scroll.js
lightbox.js
notifications-badge.js Remove auto 'mark as read' for notifications 2014-04-15 14:51:38 +02:00
notifications.js Improve set read/unread in notifications dropdown 2014-04-16 23:33:22 +02:00
search.js
stream.js
timeago.js Switched to using rails-timeago to make keeping on top of new versions of plugin easier 2014-01-20 09:33:35 +08:00