Dan Brown 349162ea13 Prevented possible XSS via link attachments ...

This filters out potentially malicious javascript: or data: uri's coming
through to be attached to attachments.
Added tests to cover.

Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability.

2020-10-31 15:01:52 +00:00

..

Controllers

Prevented possible XSS via link attachments

2020-10-31 15:01:52 +00:00

Middleware

Updated locale lists for Bulgarian

2020-09-19 15:36:17 +01:00

Requests

Change application namespace to BookStack

2015-09-10 19:31:09 +01:00

Kernel.php

Removed throttling from web-end requests

2020-04-11 20:02:07 +01:00

Request.php

Ran phpcbf and updated helpers typehinting

2019-09-15 18:29:51 +01:00