Tue, 12 Feb 2019 20:32:24 +0100 | Thomas De Schampheleire | contributors: update | stable
Wed, 27 Feb 2019 02:30:58 +0100 | Mads Kiilerich | compare: correct display of special branch names in initial placeholder | stable
Tue, 26 Feb 2019 21:27:42 +0100 | Thomas De Schampheleire | compare: prevent XSS due to unescaped branch/tag/bookmark names | stable
Mon, 11 Feb 2019 21:36:55 +0100 | Mads Kiilerich | templates/summary: escape branch/tag/bookmark names in 'Download as zip' links to prevent XSS | stable
Sat, 26 Jan 2019 20:27:50 +0100 | Thomas De Schampheleire | lib: sanitize HTML for all types of README rendering, not only markdown | stable
Sat, 26 Jan 2019 20:00:14 +0100 | Thomas De Schampheleire | cleanup: remove unnecessary (and potentially problematic) use of 'literal' | stable
Tue, 26 Feb 2019 21:50:15 +0100 | Thomas De Schampheleire | pullrequests: prevent XSS in 'Potential Reviewers' list when first and last names cannot be trusted | stable
Mon, 11 Feb 2019 21:36:13 +0100 | Mads Kiilerich | js: introduce an html_escape function | stable
Wed, 27 Feb 2019 02:30:58 +0100 | Mads Kiilerich | compare: correct display of special branch names in initial placeholder
Tue, 26 Feb 2019 21:27:42 +0100 | Thomas De Schampheleire | compare: prevent XSS due to unescaped branch/tag/bookmark names
Wed, 27 Feb 2019 02:30:18 +0100 | Mads Kiilerich | base: escape branch/tag/bookmark names in 'Switch To' menu to prevent XSS
Mon, 11 Feb 2019 21:36:55 +0100 | Mads Kiilerich | templates/summary: escape branch/tag/bookmark names in 'Download as zip' links to prevent XSS
Sat, 26 Jan 2019 20:27:50 +0100 | Thomas De Schampheleire | lib: sanitize HTML for all types of README rendering, not only markdown
Sat, 26 Jan 2019 20:00:14 +0100 | Thomas De Schampheleire | cleanup: remove unnecessary (and potentially problematic) use of 'literal'
Wed, 27 Feb 2019 02:29:34 +0100 | Mads Kiilerich | base: when using a custom select2 escapeMarkup function, make it clear that the exception only is for a static safe string