cdhoffmann closed 1 year ago
Merging #66 (42531df) into dev (c72de3d) will decrease coverage by 0.34%. The diff coverage is 81.13%.
@@ Coverage Diff @@
## dev #66 +/- ##
==========================================
- Coverage 89.05% 88.71% -0.34%
==========================================
Files 32 32
Lines 1315 1364 +49
==========================================
+ Hits 1171 1210 +39
- Misses 144 154 +10
Security review found that we are not sanitizing our SocketURL and are exposed to JS injection.
Solution: Add an isSafe function to our URL+Parser extension which checks the URL params. Currently it makes the following assumptions (checked with services to make sure we could make these assumptions):