mirror of
https://we.phorge.it/source/phorge.git
synced 2025-01-20 03:31:10 +01:00
No description
88ae246593
Summary: This algorithm is tricky, and uses `phutil_safe_html()` directly, which makes it potentially unsafe. In particular, D8859 fixes a bug with it which caused it to produce non-utf8 output. This doesn't guarantee it's a security problem, but does make it suspicious. I don't actually see a way to break it, but rewrite it so that it's absolutely bulletproof and does not need to call `phutil_safe_html()`. Test Plan: {F147487} @rugabarbo, if you have a chance, can you check if this still works for you? Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley, rugabarbo Differential Revision: https://secure.phabricator.com/D8862 |
||
|---|---|---|
| bin | ||
| conf | ||
| externals | ||
| resources | ||
| scripts | ||
| src | ||
| support | ||
| webroot | ||
| .arcconfig | ||
| .editorconfig | ||
| .gitignore | ||
| LICENSE | ||
| NOTICE | ||
| README | ||
Phabricator is an open source collection of web applications which help software companies build better software. Phabricator includes applications for: - reviewing and auditing source code; - hosting and browsing repositories; - assembling a party to venture forth; - tracking bugs; - hiding stuff from coworkers; and - also some other things. You can learn more about the project (and find links to documentation and resources) here: http://phabricator.org/ Phabricator is developed and maintained by Phacility. The first version of Phabricator was originally built at Facebook. LICENSE Phabricator is released under the Apache 2.0 license except as otherwise noted.