1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-18 19:40:55 +01:00
No description
Find a file
epriestley 864e0d8a2f Fix XSS hole in inline comment editing
Summary:
Thanks to erling for the report. This was XSSable, although you could
only get yourself.

Test Plan:
Made a comment like "</textarea><h1>" and edited it before and after
the patch. Proper behavior with this patch.

Reviewed By: aran
Reviewers: erling, jungejason, tuomaspelkonen, aran
CC: aran
Differential Revision: 187
2011-04-29 20:27:25 -07:00
bin Improve parser scalability, fix a bug or two, provide 'phd', the Phabricator 2011-03-13 14:27:03 -07:00
conf Hook for database configuration plugin 2011-04-29 19:41:16 -07:00
externals Get rid of +x on a bunch of nonexecutable files because I failed to set 2011-04-02 16:47:20 -07:00
resources Differential Updates View 2011-04-28 14:40:41 -07:00
scripts Avoid Timeline race condition 2011-04-14 10:12:10 -07:00
src Fix XSS hole in inline comment editing 2011-04-29 20:27:25 -07:00
webroot Detect and fatal on magic_quotes_gpc 2011-04-29 20:26:05 -07:00
.arcconfig Point Phabricator at the meta-install. 2011-02-07 21:57:42 -08:00
.divinerconfig Basic doc for adding/updating Celerity CSS/JS. 2011-03-04 14:15:59 -08:00
.gitignore PhabricatorEnv 2011-01-31 11:55:26 -08:00
README Edited README via GitHub 2011-04-29 16:10:08 -07:00

PROJECT STATUS: CAVEAT EMPTOR

This is an unstable preview release. You can learn more at http://phabricator.org/
as well as click around our development install. Developer mailing list at
https://groups.google.com/group/phabricator-dev and please report issues using
GitHub.

WHAT IS PHABRICATOR?

Phabricator is a suite of web applications that facilitate software development
tasks, particularly code review. The primary application in the suite is
Differential, a code review tool.

Phabricator is highly unstable and has many missing features! These applications
are being brought over from Facebook's internal toolset, but there's a lot of
stuff that hasn't made it over yet. Feel free to follow the project but you
probably shouldn't try to install this yet unless you're extremely ambitious
or just want to take a look at it. 

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.
http://www.apache.org/licenses/LICENSE-2.0