Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Gitc 609 xss on quest page #9719

Merged
merged 4 commits into from
Nov 26, 2021
Merged

Gitc 609 xss on quest page #9719

merged 4 commits into from
Nov 26, 2021

Conversation

nutrina
Copy link
Contributor

@nutrina nutrina commented Nov 23, 2021

Description

Have changed the way how dynamic content is assembled by leveraging query functions instead of string concatenation.

Refers/Fixes

GITC-609

Testing

This PR fixes

  1. the issue mentioned specifically in the Jira ticket - this has been tested as indicated in the ticket
  2. several other potential XSS vulnerabilities - this was not tested yet. I was unable to reproduce scenarios where this code would be used. This might contain bugs / side effects and should be properly tested in staging.

@nutrina nutrina force-pushed the GITC-609-XSS-on-quest-page branch from b3991b1 to 05734ca Compare November 23, 2021 20:13
@nutrina nutrina force-pushed the GITC-609-XSS-on-quest-page branch from 05734ca to 9295c7e Compare November 24, 2021 09:25
@nutrina nutrina force-pushed the GITC-609-XSS-on-quest-page branch 2 times, most recently from 28fba73 to 5922e4a Compare November 25, 2021 16:15
@nutrina nutrina force-pushed the GITC-609-XSS-on-quest-page branch from 5922e4a to 955d17b Compare November 25, 2021 17:45
@thelostone-mc thelostone-mc merged commit 0c6a92d into master Nov 26, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants