github-mirror/BookStack
github-mirror/BookStack
2
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-03-12 13:25:33 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity
BookStack/app/Uploads
History
Dan Brown 349162ea13
Prevented possible XSS via link attachments 
This filters out potentially malicious javascript: or data: uri's coming
through to be attached to attachments.
Added tests to cover.

Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability.
2020-10-31 15:01:52 +00:00
..
Attachment.php
Continued implementation of attachment drag+drop
2020-09-13 18:31:14 +01:00
AttachmentService.php
Prevented possible XSS via link attachments
2020-10-31 15:01:52 +00:00
HttpFetcher.php
PHPCS related fixes.
2019-01-27 15:59:23 +05:30
Image.php
Filled out base Book API endpoints, added example responses
2020-01-12 14:45:54 +00:00
ImageRepo.php
Converted image-manager to be component/HTML based
2020-07-25 00:20:58 +01:00
ImageService.php
Fixed issue where URL params in image names would cause loading failure
2020-07-25 11:18:40 +01:00
UploadService.php
Re-structured the app code to be feature based rather than code type based
2018-09-25 12:30:50 +01:00