Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security: prevent XSS attach on wiki page #955

Merged
merged 1 commit into from
Feb 16, 2017
Merged

Security: prevent XSS attach on wiki page #955

merged 1 commit into from
Feb 16, 2017

Conversation

lunny
Copy link
Member

@lunny lunny commented Feb 16, 2017

Reported by Miguel Ángel Jimeno.

back port from #952

@unknwon @lunny
Security: prevent XSS attach on wiki page
16572da 
Reported by Miguel Ángel Jimeno.
@lunny lunny added type/bug topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! issue/critical This issue should be fixed ASAP. If it is a PR, the PR should be merged ASAP labels Feb 16, 2017
@lunny lunny added this to the 1.0.2 milestone Feb 16, 2017
@tboerger tboerger added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Feb 16, 2017
@appleboy
Copy link
Member

LGTM

@tboerger tboerger added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Feb 16, 2017
@Bwko
Copy link
Member

Bwko commented Feb 16, 2017
edited
Loading

LGTM

@tboerger tboerger added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Feb 16, 2017
@lunny lunny merged commit 9183661 into go-gitea:release/v1.0 Feb 16, 2017
@tboerger tboerger added the backport/done All backports for this PR have been created label Feb 21, 2017
@lunny lunny deleted the lunny/fix_XSS_on_wiki_1 branch April 19, 2017 05:46
@go-gitea go-gitea locked and limited conversation to collaborators Nov 23, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@appleboy appleboy appleboy approved these changes

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created issue/critical This issue should be fixed ASAP. If it is a PR, the PR should be merged ASAP lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! type/bug
Projects
None yet
Milestone
1.0.2
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@lunny @appleboy @Bwko @tboerger @unknwon