nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
diaspora/app
History
Jonne Haß ecb1b80e24 Render flash message content with .text 
.html does not escape any html input in these, leading to XSS
attack vectors.

Thanks to A Kai (@sixhundredns) for reporting the related issues.
2014-05-24 16:08:32 +02:00
..
assets Render flash message content with .text 2014-05-24 16:08:32 +02:00
controllers Changed and renamed database columns 2014-05-15 07:23:44 -04:00
helpers Do not try to render posts/comments which are not present 2014-05-16 09:48:14 -04:00
mailers Removed local variable in ReportMailer 2014-05-15 07:23:43 -04:00
models Validate on report that post or comment does exist 2014-05-16 09:48:14 -04:00
presenters Merge pull request #4836 from MrZYX/message_renderer 2014-04-13 15:00:46 +03:00
uploaders resize full scaled image to a specific width #3793 2013-01-26 11:36:01 +01:00
views Remove duplicate checkbox in Settings 2014-05-22 22:39:09 +02:00
workers It is now possible to report comments 2014-05-15 07:23:43 -04:00