Mercurial > kallithea
annotate MANIFEST.in @ 7552:e74aa69f6827 stable
lib: sanitize HTML for all types of README rendering, not only markdown
The repository summary page will display a rendered version of the
repository 'readme' based on its file extension. In commit 5746cc3b3fa5,
the rendered output was already sanitized when the input was markdown.
However, also readmes written in other formats, like ReStructuredText (RST)
or plain text could have content that we want sanitized.
Therefore, move the sanitizing one level up so it covers all renderers, for
now and the future.
This fixes an XSS issue when a repository readme contains javascript code,
which would be executed when the repository summary page is visited by a
user.
Reported by Bob Hogg <wombat@rwhogg.site> (thanks!).
| author | Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> |
|---|---|
| date | Sat, 26 Jan 2019 20:27:50 +0100 |
| parents | 19267f233d39 |
| children | 968f2d4214e8 |
| rev | line source |
|---|---|
|
4987
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
1 include Apache-License-2.0.txt |
|
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
2 include CONTRIBUTORS |
|
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
3 include COPYING |
|
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
4 include LICENSE-MERGELY.html |
|
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
5 include LICENSE.md |
|
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
6 include MIT-Permissive-License.txt |
|
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
7 include README.rst |
|
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
8 include development.ini |
|
1078
2d7a94f3eaae
added docs to manifest, updated setup script
Marcin Kuzminski <marcin@python-works.com>
parents:
1077
diff
changeset
|
9 recursive-include docs * |
|
1143
0e6035a85980
added changes made in production branch back into beta
Marcin Kuzminski <marcin@python-works.com>
parents:
1078
diff
changeset
|
10 recursive-include init.d * |
|
4987
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
11 include kallithea/bin/ldap_sync.conf |
|
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
12 include kallithea/bin/template.ini.mako |
|
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
13 include kallithea/config/deployment.ini_tmpl |
|
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
14 recursive-include kallithea/i18n * |
|
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
15 recursive-include kallithea/lib/dbmigrate *.py_tmpl README migrate.cfg |
|
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
16 recursive-include kallithea/public * |
|
4186
7e5f8c12a3fc
First step in two-part process to rename directories to kallithea.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
1512
diff
changeset
|
17 recursive-include kallithea/templates * |
|
4987
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
18 recursive-include kallithea/tests/fixtures * |
|
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
19 recursive-include kallithea/tests/scripts * |
|
5416
19267f233d39
tests: move test.ini to kallithea/tests/
Mads Kiilerich <madski@unity3d.com>
parents:
5303
diff
changeset
|
20 include kallithea/tests/test.ini |
|
4987
ff08d3cf9aef
manifest: include (almost) all repo files in the release tar
Mads Kiilerich <madski@unity3d.com>
parents:
4569
diff
changeset
|
21 include kallithea/tests/vcs/aconfig |