-
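1. In url-rule-set, can the defender only be configured per parameter? Is there no way to configure it per URL?
2. lucy-xss-default-sax.xml defines the allowed attributes, and I noticed the same tags are in there as well. Should I take it that default-sax.xml allows all tags?
3. If 2 is correct, then the script tag…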
-
First request to add a questionnaire and enter the xss payload in the title of the questionnaire.
![man1](https://github.com/wkeyuan/DWSurvey/assets/63273184/24fad86f-bd96-429c-9a19-bdf774115f8d)
…
-
Hello everyone,
I'm working on a final year project for my school. The project is a simple nginx reverse proxy with modsecurity and behind it a juice shop.
The problem is that modsecurity blocks sql…
-
This seems relevant as a further reference for interested readers and users. I appreciate your project and its intention to help people be mean to their code. Would be great to link to some understand…
-
```
What steps will reproduce the problem?
1. Check in a file name "à.txt" in a git repository.
2. View that commit in GitBlit.
3. Try to view the file, or a diff with the file.
What is the expected …
```
-
For example, to prevent XSS, I would use this:
```
$Parsedown->setSafeMode(true);
```
Source: https://github.com/erusev/parsedown#security
But using the `markdown_to_html` filter, I don't see h…
-
When users search code in the livegrep platform, the search query is shown in the "Recent searches" section.
In the search box, there is no XSS filter on the user input. And in the "Recent searches…
-
First log in to the background and go to the background Settings (compare the storage XSS vulnerabilities of chicken ribs).
![image](https://user-images.githubusercontent.com/33337704/85356451-91181e0…