EC-CUBE / ec-cube2

EC-CUBE official repository version 2
https://www.ec-cube.net
Other
86 stars 98 forks

Apply HTMLPurifier to the default modifier to prevent unanticipated vulnerabilities #1066

Open nanasess opened 3 days ago

nanasess commented 3 days ago

fixes #710

Apply HTMLPurifier to the default modifier to prevent unanticipated vulnerabilities. It needs to be verified whether the sanitized content adversely affects existing content.

codecov[bot] commented 3 days ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 51.60%. Comparing base (a22be23) to head (1cc9481).

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##           master    #1066      +/-   ##
==========================================
- Coverage   51.67%   51.60%   -0.07%
==========================================
  Files          80       80
  Lines       10224    10224
==========================================
- Hits         5283     5276       -7
- Misses       4941     4948       +7
```

| [Flag](https://app.codecov.io/gh/EC-CUBE/ec-cube2/pull/1066/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=EC-CUBE) | Coverage Δ | |
|---|---|---|
| [tests](https://app.codecov.io/gh/EC-CUBE/ec-cube2/pull/1066/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=EC-CUBE) | `51.60% <ø> (-0.07%)` | :arrow_down: |

Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=EC-CUBE#carryforward-flags-in-the-pull-request-comment) to find out more.


nanasess commented 2 days ago

It needs to be verified whether the sanitized content adversely affects existing content.