mirror of https://github.com/BookStackApp/BookStack.git synced 2025-06-27 16:41:53 +03:00
Commit Graph

8 Commits

Author SHA1 Message Date
8d7c8ac8bf Done a round of phpstan fixes 2021-11-06 00:32:01 +00:00
fb80bb5d58 Applied latest styleci changes 2021-09-06 22:19:06 +01:00
fd44e4ba74 Started application of CSP headers 2021-09-03 23:32:42 +01:00
040997fdc4 Added filter for xlink:href svg xss
Simply remove all such attributes
2021-09-03 22:34:49 +01:00
5e6092aaf8 Added extra HTML filtering of dangerous content
In particular, that around the casing of dangerous values within
attributes. This uses some xpath translation to handle different casing
in contains searching.
2021-09-02 22:02:30 +01:00
934a833818 Apply fixes from StyleCI 2021-06-26 15:23:15 +00:00
b5caaa73b7 Fixed content parsing break with line html comment
Fixes issues thrown in custom HTML head & page content filtering when
the content is comprised of only a single HTML comment.
Adds tests to cover.

For #2804
2021-06-13 12:53:04 +01:00
43b6633183 Filtered scripts in custom HTML head for exports
Since it appeared to cause problems in some scenarios.
Related to #2490
2021-05-03 23:59:52 +01:00