External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-10-20 13:09:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
27,335 Commits 67 Branches 623 Tags 823 MiB
8de85386db
Commit Graph

4 Commits

Author SHA1 Message Date
Martin Kletzander
f27dd53402 docs: Properly quote self uri in search.php 
This removes the classical XSS vulnerability of using unquoted
PHP_SELF.

Reported-by: John Lightsey <john@nixnuts.net>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
 2017-07-10 13:44:00 +02:00
Daniel Veillard
cf739b3568 better patch for the XSS search issue 
Since the query string could be output when displaying the results too
 2015-07-03 21:04:24 +08:00
Daniel Veillard
d51876bc8e Avoid XSS vulnerability on the search engine 
Raised by https://www.xssposed.org/incidents/69566/
Need to escape the user provided query before displaying it back
 2015-07-03 20:47:08 +08:00
Martin Kletzander
2818359075 docs: autogenerate search.php 
This patch makes search.php autogenerated from search.php.in, thus
removing hardcoded menus, footer etc. and the search.php is added to
.gitignore.

There is new rule added for *.php files (to make it bit less
hardcoded) that takes *.php.code.in and injects it inside the
generated *.php (xslt was not happy about php code in the source xml).
 2012-08-10 10:58:38 +02:00