mirror of https://we.phorge.it/source/phorge.git synced 2024-12-03 20:22:46 +01:00
phorge-phorge/src/infrastructure/markup/remarkup/markuprule
epriestley 4bfbd209b2 Fix XSS hole in YouTube remarkup rule
Summary:
The source wasn't properly escaped.

Test Plan:
Made a comment like "http://youtube.com/?v="></iframe><h1>!!!</h1>"

Reviewed By: mroch
Reviewers: tomo, mroch, tuomaspelkonen, aran, jungejason
CC: aran, mroch
Differential Revision: 516
2011-06-24 10:45:53 -07:00
differential Add comment linking to Maniphest and Differential 2011-05-31 11:11:19 -07:00
diffusion Use a stricter regexp in Diffusion remarkup 2011-04-29 20:26:30 -07:00
imagemacro Fixed image macro with '-' in the name. 2011-04-20 16:51:26 -07:00
maniphest Add comment linking to Maniphest and Differential 2011-05-31 11:11:19 -07:00
objectname Add comment linking to Maniphest and Differential 2011-05-31 11:11:19 -07:00
proxyimage Restore image proxying to Remarkup 2011-05-03 18:49:06 -07:00
youtube Fix XSS hole in YouTube remarkup rule 2011-06-24 10:45:53 -07:00