Xceptance / XLT

XLT is a comprehensive load and performance test tool developed and maintained by Xceptance. It features extensive ready-to-use reporting.
https://www.xceptance.com/xlt/
Apache License 2.0
61 stars 11 forks

Security: Update jQuery and dependencies for reports #364

Closed rschwietzke closed 1 year ago

rschwietzke commented 1 year ago

Update jQuery and its dependencies for the reports to the latest secure version. At the time of writing, it is v3.6.4. Make sure we use the minified version.

js-xc commented 1 year ago

Do you consider jQuery.scrollTo/jQuery.hoverIntent dependencies? Anyway, neither has released a new version in the past 2 years. We could update hoverIntent, but I'm not sure whether we need to.

rschwietzke commented 1 year ago

> Do you consider jQuery.scrollTo/jQuery.hoverIntent dependencies? Anyway, neither has released a new version in the past 2 years. We could update hoverIntent, but I'm not sure whether we need to.

These depend on jQuery, hence these are dependencies and must match jQuery or at least stay compatible. If they don't have a new version, fine, but we have to test that things still work okish. If there is a latest version, please use it, but test the functionality.

js-xc commented 1 year ago

Do you have an idea what these are supposed to do, functionally? I don't even know how I'd see they're not working.

rschwietzke commented 1 year ago

> Do you have an idea what these are supposed to do, functionally? I don't even know how I'd see they're not working.

scrollTo does the soft scrolling to charts when you click on names, or the scroll back to top when clicking the header menu, including the back-to-table links.

hoverIntent brings up the 10 URL examples when hovering over a request name.
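
The check this issue asks for (bundled jQuery at least v3.6.4, minified build) can be automated by reading the banner at the top of the file. This is an added example, not part of the thread or of XLT's code; the file names and sample file heads are constructed, and `auditJquery` is a hypothetical helper name.

```javascript
"use strict";
// Added example, not XLT project code. Banner formats of official jQuery builds:
//   minified:   /*! jQuery v3.6.4 | (c) OpenJS Foundation and other contributors | ... */
//   unminified: /*!\n * jQuery JavaScript Library v3.6.4
const MINIFIED_BANNER = /^\/\*! jQuery v(\d+)\.(\d+)\.(\d+)\b/;
const FULL_BANNER = /jQuery JavaScript Library v(\d+)\.(\d+)\.(\d+)\b/;

// Numeric comparison of [major, minor, patch]; string comparison would rank 3.10 below 3.6.
function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// source: text of a bundled jQuery file; minVersion: "x.y.z" floor the file must meet.
function auditJquery(source, minVersion) {
  const head = source.slice(0, 512); // official builds put the banner at the top
  let m = MINIFIED_BANNER.exec(head);
  const minified = m !== null;
  if (!m) m = FULL_BANNER.exec(head);
  if (!m) return { version: null, minified: false, ok: false, reason: "no jQuery banner found" };
  const found = m.slice(1, 4).map(Number);
  const version = found.join(".");
  if (compareVersions(found, minVersion.split(".").map(Number)) < 0) {
    return { version, minified, ok: false, reason: `older than ${minVersion}` };
  }
  if (!minified) return { version, minified, ok: false, reason: "not the minified build" };
  return { version, minified, ok: true, reason: "ok" };
}

// Constructed sample file heads (bodies truncated), keyed by hypothetical file names.
const SAMPLES = {
  "jquery-3.6.4.min.js": "/*! jQuery v3.6.4 | (c) OpenJS Foundation and other contributors | jquery.org/license */\n!function(e,t){}",
  "jquery-3.5.1.min.js": "/*! jQuery v3.5.1 | (c) JS Foundation and other contributors | jquery.org/license */\n!function(e,t){}",
  "jquery-3.6.4.js": "/*!\n * jQuery JavaScript Library v3.6.4\n * https://jquery.com/\n */\n( function( global, factory ) {} );",
  "jquery.scrollTo.min.js": "/* constructed stand-in for a plugin file without a jQuery core banner */",
};

for (const [name, text] of Object.entries(SAMPLES)) {
  const r = auditJquery(text, "3.6.4");
  console.log(`${name}: ${r.ok ? "OK" : "FAIL"} (${r.version ?? "unknown"}, ${r.reason})`);
}
```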