Mercurial > kallithea
graph
-
base: escape branch/tag/bookmark names in 'Switch To' menu to prevent XSSWed, 27 Feb 2019 02:30:18 +0100, by Mads Kiilerich
-
templates/summary: escape branch/tag/bookmark names in 'Download as zip' links to prevent XSSMon, 11 Feb 2019 21:36:55 +0100, by Mads Kiilerich
-
lib: sanitize HTML for all types of README rendering, not only markdownSat, 26 Jan 2019 20:27:50 +0100, by Thomas De Schampheleire
-
cleanup: remove unnecessary (and potentially problematic) use of 'literal'Sat, 26 Jan 2019 20:00:14 +0100, by Thomas De Schampheleire
-
base: when using a custom select2 escapeMarkup function, make it clear that the exception only is for a static safe stringWed, 27 Feb 2019 02:29:34 +0100, by Mads Kiilerich
-
pullrequests: prevent XSS in @mention completion when first and last names cannot be trustedWed, 27 Feb 2019 02:23:26 +0100, by Mads Kiilerich
-
pullrequests: prevent XSS when 'Potential Reviewers' are selected and first and last names cannot be trustedWed, 27 Feb 2019 02:23:26 +0100, by Mads Kiilerich