webapp/bookstack
webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-05-29 09:21:20 +03:00
Code
bookstack/app/Http
History
Dan Brown 349162ea13
Prevented possible XSS via link attachments 
This filters out potentially malicious javascript: or data: uri's coming
through to be attached to attachments.
Added tests to cover.

Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability.
2020-10-31 15:01:52 +00:00
..
Controllers
Prevented possible XSS via link attachments
2020-10-31 15:01:52 +00:00
Middleware
Updated locale lists for Bulgarian
2020-09-19 15:36:17 +01:00
Requests
Change application namespace to BookStack
2015-09-10 19:31:09 +01:00
Kernel.php
Removed throttling from web-end requests
2020-04-11 20:02:07 +01:00
Request.php
Ran phpcbf and updated helpers typehinting
2019-09-15 18:29:51 +01:00