Closed GoogleCodeExporter closed 9 years ago
I have a preliminary fix for this, but I'm still considering if I am taking the
right approach.
Original comment by James.Mo...@gmail.com
on 5 Sep 2014 at 11:24
An XSS filter based on JSoup has been merged to master & develop.
This filter will strip out all html elements for url parameters and any
non-whitelisted HTML elements from form inputs, markup docs, and optionally
commit messages. The whitelist is based in part on stock JSoup and GitHub's
documented html sanitizer.
Original comment by James.Mo...@gmail.com
on 7 Sep 2014 at 4:59
v1.6.1 released
Original comment by James.Mo...@gmail.com
on 20 Oct 2014 at 9:36
Original issue reported on code.google.com by
1988pors...@gmail.com
on 5 Sep 2014 at 1:45