Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: enhancement of isExternal #2093

Merged
merged 2 commits into from
Jun 18, 2023
Merged

fix: enhancement of isExternal #2093

merged 2 commits into from
Jun 18, 2023

Conversation

sy-records
Copy link
Member

@sy-records sy-records commented Jun 16, 2023
edited
Loading

Summary

Fix an xss vulnerability that was fed via email.

Fix #1477 (comment)

What kind of change does this PR introduce?

For any code change,

  • Related documentation has been updated if needed
  • Related tests have been updated or tests have been added

Does this PR introduce a breaking change? (check one)

  • Yes
  • No

If yes, please describe the impact and migration path for existing applications:

Related issue, if any:

Tested in the following browsers:

  • Chrome
  • Firefox
  • Safari
  • Edge
  • IE

@vercel
Copy link

vercel bot commented Jun 16, 2023
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
docsify-preview ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jun 17, 2023 0:23am

@sy-records sy-records requested a review from a team June 16, 2023 07:08
@codesandbox-ci
Copy link

codesandbox-ci bot commented Jun 16, 2023
edited
Loading

This pull request is automatically built and testable in CodeSandbox.

To see build info of the built libraries, click here or the icon next to each commit SHA.

Latest deployment of this branch, based on commit 942a162:

Sandbox Source
docsify-template Configuration

@Koooooo-7
Copy link
Member

Could u plz add a test case on this for good understanding of this changes ?

Koooooo-7
Koooooo-7 previously approved these changes Jun 16, 2023
View reviewed changes
@Koooooo-7
Copy link
Member

I checked the mail and yes that we need check the \ , is it harmful either when it contains more than 2 \\ ?

@sy-records sy-records mentioned this pull request Jun 16, 2023
Closed
@sy-records
Copy link
Member Author

One and more are problematic, so matching to one is OK.

@sy-records sy-records merged commit 7f13ba0 into develop Jun 18, 2023
@sy-records sy-records deleted the isExternal branch June 18, 2023 03:51
sy-records added a commit that referenced this pull request Jun 24, 2023
@sy-records
fix: enhancement of isExternal (#2093)
6a7d15b
@sy-records sy-records mentioned this pull request Jun 24, 2023
Merged
@trusktr trusktr mentioned this pull request Jun 26, 2023
Merged
9 tasks
@nobodyiam nobodyiam mentioned this pull request Jul 21, 2023
Merged
5 tasks
@Liselot3 Liselot3 mentioned this pull request Dec 30, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Koooooo-7 Koooooo-7 Koooooo-7 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Security Vulnerability
2 participants
@sy-records @Koooooo-7