dépôts / lhc / web / wiklou.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 051d2e9) | patch
SECURITY: Disallow loading JS/CSS/Json subpages from unregistered users and log
authorBrian Wolff <bawolff+wn@gmail.com>
Tue, 15 May 2018 00:34:14 +0000 (00:34 +0000)
committerPaladox <thomasmulhall410@yahoo.com>
Sun, 21 Oct 2018 18:09:31 +0000 (19:09 +0100)
commit90232b6f36ee5a1473f2e865cc7a72d0014db4c7
treeb77ce773c80294fe34883cc15a743b1d047295a6tree | snapshot
parent051d2e9aca28cc3baff42b79ba7d8e23cc05e855commit | diff
SECURITY: Disallow loading JS/CSS/Json subpages from unregistered users and log

Loading JS from an unregistered user's JS subpage is a severe
security risk as someone could potentially register that account
and then modify the JS.

Bug: T207603
Change-Id: I741736e12b0ed49e95f22c869a2b53e2c97b31f0
RELEASE-NOTES-1.31 diff | blob | history
includes/actions/RawAction.php diff | blob | history
languages/i18n/en.json diff | blob | history
languages/i18n/qqq.json diff | blob | history
Wiklou, le Wiki du Wiklou