osr-plastic/osr-discourse-src
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2023-03-18. You can view files and clone it, but cannot push or open issues or pull requests.
df3eb93973
osr-discourse-src/app
History
Roman Rizzi df3eb93973
DEV: Sanitize HTML admin inputs (#14681) 
* DEV: Sanitize HTML admin inputs

This PR adds on-save HTML sanitization for:

Client site settings
translation overrides
badges descriptions
user fields descriptions

I used Rails's SafeListSanitizer, which [accepts the following HTML tags and attributes](018cf54073/lib/rails/html/sanitizer.rb (L108))

* Make sure that the sanitization logic doesn't corrupt settings with special characters
2021-10-27 11:33:07 -03:00
..
assets DEV: nullify cachedCookFunction to prevent retains (#14737) 2021-10-27 16:29:36 +02:00
controllers UX: Make PresenceChannel changes more responsive (#14733) 2021-10-26 21:15:20 +01:00
helpers DEV: Allow actions to change the manifest endpoint (#14522) 2021-10-06 15:41:52 -05:00
jobs SECURITY: Improve validation of SNS subscription confirm (#14671) 2021-10-20 22:20:52 +01:00
mailers FIX: Do not show recipient user in email participants list (#14642) 2021-10-19 15:26:22 +10:00
models DEV: Sanitize HTML admin inputs (#14681) 2021-10-27 11:33:07 -03:00
serializers DEV: Remove code that is no longer valid. (#14657) 2021-10-21 10:47:22 +08:00
services DEV: Fix rubocop issues (#14715) 2021-10-27 11:39:28 +03:00
views FIX: improvements for download local dates (#14588) 2021-10-14 09:22:44 +11:00