colin
/
bookstack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
bookstack/app/Providers
History
Dan Brown 349162ea13
Prevented possible XSS via link attachments 
This filters out potentially malicious javascript: or data: uri's coming
through to be attached to attachments.
Added tests to cover.

Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability.
 		2020-10-31 15:01:52 +00:00
..
AppServiceProvider.php Prevented possible XSS via link attachments 2020-10-31 15:01:52 +00:00
AuthServiceProvider.php Checked over and aligned registration option behavior across all auth options 2020-02-02 17:31:00 +00:00
BroadcastServiceProvider.php Fleshed out entity provided and optimized imports 2018-09-25 16:58:03 +01:00
CustomFacadeProvider.php Refactored some core entity actions 2019-09-20 00:18:28 +01:00
EventServiceProvider.php Fleshed out entity provided and optimized imports 2018-09-25 16:58:03 +01:00
PaginationServiceProvider.php Replaced use of custom 'baseUrl' helper with 'url' 2019-08-04 14:26:39 +01:00
RouteServiceProvider.php Started core API route work 2019-12-28 14:58:07 +00:00
TranslationServiceProvider.php Made it possible to override translations via theme system 2019-10-26 18:07:14 +01:00