No description
Find a file
Sebastien SAUVAGE daf5522b1e Potentiel security bug corrected
Bug reproduction: 1) paste texte containing html/javascript. 2) send 3)
clic "Raw text"  4) refresh: The html/javascript is interpreted instead
of just displayed.
Under some versions of Chrome, it happens without refreshing.
This bug was corrected.

(cherry picked from commit 4f8750bbddcb137213529875e45e3ace3be9a769)
2015-08-15 22:24:25 +02:00
cfg fixing regressions from cherrypicking 2015-08-15 21:39:08 +02:00
css XSS flaw correction 2015-08-15 22:01:43 +02:00
img Added "Raw text" button. 2015-08-15 20:25:46 +02:00
js Potentiel security bug corrected 2015-08-15 22:24:25 +02:00
lib Stronger server salt 2015-08-15 22:18:57 +02:00
tpl fixing regressions from cherrypicking 2015-08-15 21:39:08 +02:00
tst reviewed unit tests, fixing line endings, added more tests 2015-08-15 18:32:31 +02:00
.gitignore Included .htaccess and .htapasswd for safety. 2013-11-01 01:20:59 +01:00
CHANGELOG.md XSS flaw correction 2015-08-15 22:01:43 +02:00
CREDITS.md had to revert to HTML5 instead of XHTML5 because of compatibility 2012-08-28 23:28:41 +02:00
index.php XSS flaw correction 2015-08-15 22:01:43 +02:00
INSTALL.md had to revert to HTML5 instead of XHTML5 because of compatibility 2012-08-28 23:28:41 +02:00
README.md XSS flaw correction 2015-08-15 22:01:43 +02:00
robots.txt Incorrect structure 2013-11-01 01:22:16 +01:00