Commit Graph

20 Commits

Author SHA1 Message Date
Régis Hanol
c7330ed73f BUGFIX: errors when post-processing 'data images' 2014-07-18 17:54:18 +02:00
Sam
de7e6a9545 Feature: allow mods to cut pinned topic excerpts 2014-07-17 21:32:37 +10:00
Sam
91cd4f2d66 SECURITY: improve escaping protection 2014-07-17 16:11:10 +10:00
Sam
c12a131fb4 SECURITY: sanitizer allowing invalid attributes 2014-07-17 16:11:09 +10:00
Régis Hanol
a9342dbf92 SECURITY: fix XSS in link's href 2014-07-15 16:11:37 +02:00
Jason Taylor
df2c259836 BUGFIX: exception validating 'data-' attributes 2014-07-14 17:43:38 -07:00
Robin Ward
1886ffaff2 FIX: Work with phpBB import style links with ellipsis 2014-07-14 14:27:17 -04:00
Robin Ward
186ce78cb5 FIX: BBCode sanitization and tests 2014-07-14 11:24:25 -04:00
Sam
d54c28adc1 FIX: better whitelisting 2014-07-10 09:59:54 +10:00
Sam
9828a268b9 Fix: whitelist regex for bbcode too wide 2014-07-10 09:17:04 +10:00
Régis Hanol
6b45b635f8 FIX: properly whitelist <code> classes needed for syntax highlighting 2014-07-09 16:27:47 +02:00
Sam
9ffcbfca98 FIX: disable whitelist temporarily
more complete fix to follow
2014-07-09 22:13:27 +10:00
Sam
fcbc7729b6 FIX: missing BBCODE whitelists
FEATURE: ability whitelist a RegExp
2014-07-08 10:33:59 +10:00
Robin Ward
fc1ce96dbb FIX: Change the approach to sanitization. Includes a more detailed API
for allowing classes and attributes for only certain tag names.
2014-07-03 16:55:36 -04:00
Régis Hanol
c97de2c449 BUGFIX: markdown sanitize on null/undefined text 2014-05-14 12:14:33 +02:00
Régis Hanol
5edec22e28 fix the build 2014-03-27 16:57:46 +01:00
riking
593f5df503 Corrections to JSDoc 2014-03-18 18:19:20 -07:00
Vikhyat Korrapati
fad88c6cf3 Fix sanitization of smileys like <_< and <3. 2014-01-26 18:38:47 +05:30
Régis Hanol
9b6538832d whitelist google.com/maps iframes 2013-11-29 18:08:53 +01:00
Robin Ward
9adcd1579d Renamed components to lib in the JS project, as Ember has components and they mean something different. 2013-10-24 12:36:46 -04:00