revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-09-20 09:18:48 +02:00
Code Issues Releases Wiki Activity
phorge-phorge/src
History
epriestley c72f3b4bf1 Lock uri.allowed-protocols in Config 
Summary: This allows administrative overreach. Administrators can enable `javascript:` and then XSS things if this isn't locked.

Test Plan: Viewed value on web UI, verified it was locked.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6975
2013-09-13 11:48:43 -07:00
..
aphront Fix an issue with darkconsole.always-on and logged-out users 2013-09-05 11:16:32 -07:00
applications Lock uri.allowed-protocols in Config 2013-09-13 11:48:43 -07:00
docs Add event dispatch for updated search indexes 2013-09-12 13:05:54 -07:00
extensions Add src/extensions/ to Phabricator 2013-08-14 15:38:06 -07:00
infrastructure Purge loadRelativeEdges 2013-09-13 11:40:52 -07:00
view Restore project filtering to Maniphest "pro" search 2013-09-12 13:03:14 -07:00
__celerity_resource_map__.php Small button dropdowns 2013-09-13 10:48:02 -07:00
__phutil_library_init__.php Delete license headers from files 2012-11-05 11:16:51 -08:00
__phutil_library_map__.php Provide and populate an object name index for Maniphest 2013-09-12 13:06:44 -07:00