Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug: update scrub logic #5388

Merged
merged 1 commit into from
Nov 6, 2019
Merged

bug: update scrub logic #5388

merged 1 commit into from
Nov 6, 2019

Conversation

thelostone-mc
Copy link
Member

Description

update scrub logic to show languages

Refers/Fixes

fixes #5387

Testing

Screenshot 2019-10-25 at 5 59 59 PM

danlipert
danlipert reviewed Oct 28, 2019
View reviewed changes
app/assets/v2/js/pages/dashboard.js
@@ -108,7 +108,7 @@ function debounce(func, wait, immediate) {
};
}

const scrub = value => value.replace(/[\W]+/g, '');
const scrub = value => value.replace(/[!@#$%^&*(),.?":{}|<>]+/g, '');
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm wondering if this opens us up at all to security risks and what the minimum characters we should allow is - I'm thinking + and # - any other weirdness out there y'all can think of?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nope ! just those hence added those in
@octavioamu ?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

@thelostone-mc thelostone-mc changed the base branch from stable to master November 4, 2019 15:21
@codecov
Copy link

codecov bot commented Nov 4, 2019
edited
Loading

Codecov Report

Merging #5388 into master will increase coverage by 0.02%.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff            @@
##           master   #5388      +/-   ##
=========================================
+ Coverage   29.67%   29.7%   +0.02%     
=========================================
  Files         242     242              
  Lines       20601   20601              
  Branches     2968    2968              
=========================================
+ Hits         6114    6120       +6     
+ Misses      14236   14230       -6     
  Partials      251     251
Impacted Files Coverage Δ
app/dashboard/embed.py 31.6% <0%> (+3.44%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0050d1c...b4d0087. Read the comment docs.

@danlipert danlipert merged commit 98a1a15 into gitcoinco:master Nov 6, 2019
@thelostone-mc thelostone-mc deleted the keyword branch January 16, 2020 12:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@octavioamu octavioamu octavioamu approved these changes

@danlipert danlipert danlipert approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

XSS protection causes tags in issue explorer to be inproperly escaped
3 participants
@thelostone-mc @danlipert @octavioamu