osr-plastic/osr-discourse-src
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2023-03-18. You can view files and clone it, but cannot push or open issues or pull requests.
e01cef129b
osr-discourse-src/app/assets/javascripts/discourse/app
History
Blake Erickson a373bf2a01 SECURITY: XSS on chat excerpts 
Non-markdown tags weren't being escaped in chat excerpts. This could be
triggered by editing a chat message containing a tag (self XSS), or by
replying to a chat message with a tag (XSS).

Co-authored-by: Jan Cernik <jancernik12@gmail.com>
2023-03-16 15:27:09 -06:00
..
adapters FIX: Avoid duplicate topic-list requests (#18073) 2022-08-24 11:54:01 +01:00
components SECURITY: XSS on chat excerpts 2023-03-16 15:27:09 -06:00
controllers FIX: Avatar upload error (#20658) 2023-03-13 10:59:42 +00:00
helpers SECURITY: XSS on chat excerpts 2023-03-16 15:27:09 -06:00
initializers PERF: Remove ember-link-component-extension to enable Glimmer LinkTo 2023-02-17 12:09:55 +00:00
lib FIX: default_list_filter = none navigation and preloading (#20641) 2023-03-14 10:46:05 +00:00
mixins Generate thumbnail images for video uploads (#19801) 2023-03-09 09:26:47 -07:00
models FEATURE: Configurable auto-bump cooldown (#20507) 2023-03-10 13:45:01 +08:00
modifiers DEV: Upgrade Topic Timeline to Glimmer (#17377) 2022-12-01 13:50:44 -06:00
pre-initializers DEV: Experimental /filter route to filter through topics (#20494) 2023-03-03 09:46:21 +08:00
raw-views DEV: Use method definition syntax consistently (#14915) 2021-11-13 14:01:55 +01:00
routes FIX: default_list_filter = none navigation and preloading (#20641) 2023-03-14 10:46:05 +00:00
services FIX: Don't spam presence requests when getting 429 (#20084) 2023-01-31 09:49:23 +01:00
styles DEV: Migrate to Ember CLI (#11932) 2021-02-03 14:22:20 -05:00
templates SECURITY: XSS on chat excerpts 2023-03-16 15:27:09 -06:00
widgets FIX: anonymous users cannot load topics with mentions with a user status that has an end date (#20660) 2023-03-13 19:57:09 +04:00
app.js DEV: Normalize event handling to improve Glimmer + Classic component compat (Take 2) (#18742) 2022-10-26 14:44:12 +01:00
index.html DEV: Add hint about Rails-generated <head> to ember-cli HTML (#19181) 2022-11-24 15:31:10 +00:00
mapping-router.js DEV: Clean up pre-initializers (#18680) 2022-10-26 09:19:54 +08:00