dépôts
/
lhc
/
web
/
wiklou.git
/ search
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅ next
SECURITY: Fix animate blacklist
2015-04-01
csteipp
SECURITY: Fix animate blacklist
commit
|
commitdiff
|
tree
2015-04-01
csteipp
SECURITY: Don't allow embedded application/xml in SVG's
commit
|
commitdiff
|
tree
2015-04-01
Tyler Romeo
SECURITY: Make SVG @import checking case insensitive
commit
|
commitdiff
|
tree
2014-11-19
csteipp
Make calling wfMangleFlashPolicy configurable
commit
|
commitdiff
|
tree
2014-09-04
csteipp
Allow extensions to indicate a username doesn't exist
commit
|
commitdiff
|
tree
2014-08-28
csteipp
Load password information when expiring
commit
|
commitdiff
|
tree
2014-06-24
csteipp
Release notes for browser tests
commit
|
commitdiff
|
tree
2014-06-09
csteipp
Add HKDF as a fast, random number source
commit
|
commitdiff
|
tree
2014-06-02
csteipp
Add some SVG element namespaces
commit
|
commitdiff
|
tree
2014-05-02
csteipp
Maintain remember me state on password change
commit
|
commitdiff
|
tree
2014-05-01
csteipp
Initialize static input to null
commit
|
commitdiff
|
tree
2014-04-28
csteipp
Allow adding Deleted log entries
commit
|
commitdiff
|
tree
2014-03-18
csteipp
Allow login with passwords not meeting complexity requirements
commit
|
commitdiff
|
tree
2014-03-03
csteipp
Add Updater for Oracle
commit
|
commitdiff
|
tree
2014-02-21
csteipp
Add note about user_password_expires schema change
commit
|
commitdiff
|
tree
2014-02-20
csteipp
Password Expiration
commit
|
commitdiff
|
tree
2014-01-29
Tim Starling
SECURITY: Sanitize shell command args
commit
|
commitdiff
|
tree
2014-01-14
Brad Jorsch
SECURITY: Fix RevDel log entry information leaks
commit
|
commitdiff
|
tree
2014-01-14
csteipp
SECURITY: Return error on invalid XML for SVGs
commit
|
commitdiff
|
tree
2014-01-14
csteipp
SECURITY: Disallow -o-link in styles
commit
|
commitdiff
|
tree
2014-01-14
csteipp
SECURITY: Don't normalize U+FF3C to \
commit
|
commitdiff
|
tree
2014-01-14
Aaron Schulz
SECURITY: Added missing auth check in img_auth.php
commit
|
commitdiff
|
tree
2013-11-14
csteipp
SECURITY: Don't cache when a call could autocreate
commit
|
commitdiff
|
tree
2013-11-14
csteipp
SECURITY: Improve css javascript detection
commit
|
commitdiff
|
tree
2013-10-07
csteipp
Move forceHTTPS check until after wgTitle is setup
commit
|
commitdiff
|
tree
2013-09-30
csteipp
Add Vary: X-Forwarded-Proto for https redirects
commit
|
commitdiff
|
tree
2013-09-30
csteipp
Redirect to https for signup
commit
|
commitdiff
|
tree
2013-09-25
csteipp
Vary on forceHTTPS cookie
commit
|
commitdiff
|
tree
2013-09-03
Tim Starling
SECURITY: Fix extension detection with 2 .'s
commit
|
commitdiff
|
tree
2013-09-03
Brad Jorsch
SECURITY: Prevent tokens in jsonp mode
commit
|
commitdiff
|
tree
2013-09-03
csteipp
SECURITY: Prevent FPD on exceptions in load.php
commit
|
commitdiff
|
tree
2013-08-31
csteipp
Also redirect if prefixed https cookie is preset
commit
|
commitdiff
|
tree
2013-08-29
csteipp
Remove prefix from forceHTTPS cookie
commit
|
commitdiff
|
tree
2013-07-29
csteipp
Add methods to get raw request in WebRequest
commit
|
commitdiff
|
tree
2013-05-21
csteipp
SECURITY: Do checks on all upload types
commit
|
commitdiff
|
tree
2013-05-10
csteipp
Add value to add() call when locking
commit
|
commitdiff
|
tree
2013-04-30
csteipp
SECURITY: Check SVG xml encoding against whitelist
commit
|
commitdiff
|
tree
2013-04-15
csteipp
Disable external entities in Import
commit
|
commitdiff
|
tree
2013-04-15
csteipp
Disable external entities in XMLReader
commit
|
commitdiff
|
tree
2013-04-15
csteipp
Sanitize $limitReport before outputting
commit
|
commitdiff
|
tree
2013-03-29
Skizzerz
Apply IP blocks to X-Forwarded-For header
commit
|
commitdiff
|
tree
2013-03-22
Aaron Schulz
Revert "Misc follow-ups to I2fc3966e (a161c5e)"
commit
|
commitdiff
|
tree
2013-03-04
umherirrender
Add username for GENDER in LogFormatter only when visible
commit
|
commitdiff
|
tree
2013-03-04
Alex Monk
(bug 43518) API action=unblock should return the user...
commit
|
commitdiff
|
tree
2013-01-25
csteipp
By default, keep users in HTTPS with wgSecureLogin
commit
|
commitdiff
|
tree
2013-01-18
csteipp
Add guard to Resources.php
commit
|
commitdiff
|
tree
2012-11-30
Catrope
(bug 42202) Validate preference values in action=options
commit
|
commitdiff
|
tree
2012-09-27
csteipp
(bug 33471) compare detectProtocol to 'https'
commit
|
commitdiff
|
tree
2012-09-21
csteipp
(bug 29898) Set cookie to force HTTPS from HTTP
commit
|
commitdiff
|
tree
2012-08-31
csteipp
(bug 39700) Add htmlspecialchars encoding to label
commit
|
commitdiff
|
tree
2012-08-31
csteipp
(bug 39184) LDAP password leakage
commit
|
commitdiff
|
tree
2012-08-17
csteipp
(bug 39180) Set x-frame-options='DENY' for api
commit
|
commitdiff
|
tree
2012-08-14
csteipp
(bug 35839) Check permisions for revdel blocks
commit
|
commitdiff
|
tree
2012-08-07
csteipp
(bug 24437) Add nofollow to image link
commit
|
commitdiff
|
tree
2012-07-09
Niklas Laxström
(bug 37587) Enforce language codes to be html safe
commit
|
commitdiff
|
tree
2012-05-01
csteipp
(bug 29296) Expanded Blacklist for SVG Files
commit
|
commitdiff
|
tree