django-cms / django-filer

File and Image Management Application for django
https://django-filer.readthedocs.io/

fix: View expanded svg images from `<img>` tags to avoid js attacks #1429

Closed fsbraun closed 9 months ago

fsbraun commented 9 months ago

Description

Directly opening SVG images in the browser is a security issue: hidden JavaScript can be executed. This PR opens SVG using a simple template with a single `<img>` tag. Other image types are directly sent to the browser.

The canonical URL action button does not open the file in a new browser tab any more for security considerations. Instead the canonical URL is copied to the user's clipboard:

[screenshot: canonical URL button copying the link to the clipboard]

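The server-side decision the PR describes, written out as an added example in plain Python (it is not django-filer's code and does not import Django, so it runs anywhere): an SVG is answered with an HTML page whose only content is one `<img>` element pointing at the file, and every other image type is returned as-is. Names such as `serve_for_viewing`, `looks_like_svg`, `WRAPPER_TEMPLATE` and the sample inputs are this example's own. Two points go beyond the PR text and are marked as such in the comments: the wrapper escapes the file name and URL before placing them in attributes, and a cheap content sniff catches an SVG that was uploaded under a non-SVG name.

```python
import html
import mimetypes
from dataclasses import dataclass, field
from typing import Dict, Optional

SVG_MIME = "image/svg+xml"

# Constructed sample inputs (not real uploads). The SVG carries a <script>
# element: navigating to it directly runs the script in the site's origin,
# while the same file referenced from an <img> element renders with scripts
# inert.
SAMPLE_SVG = (
    b'<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10">'
    b"<script>alert(document.cookie)</script>"
    b'<rect width="10" height="10"/></svg>'
)
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16  # PNG signature plus padding

# The wrapper page contains nothing but a single <img> element.
WRAPPER_TEMPLATE = (
    '<!DOCTYPE html><html><head><meta charset="utf-8">'
    "<title>{title}</title></head>"
    '<body><img src="{src}" alt="{title}"></body></html>'
)


@dataclass
class Response:
    status: int
    content_type: str
    body: bytes
    headers: Dict[str, str] = field(default_factory=dict)


def looks_like_svg(data: bytes) -> bool:
    """Content check so an SVG stored as e.g. 'logo.png' is still wrapped.

    This is added hardening on top of the name/MIME check; the PR itself
    decides on the image type only.
    """
    head = data[:1024].lstrip().lower()
    return head.startswith(b"<svg") or (head.startswith(b"<?xml") and b"<svg" in head)


def is_svg(name: str, data: bytes, declared_mime: Optional[str] = None) -> bool:
    mime = declared_mime or mimetypes.guess_type(name)[0]
    return mime == SVG_MIME or looks_like_svg(data)


def serve_for_viewing(
    name: str, data: bytes, declared_mime: Optional[str], file_url: str
) -> Response:
    """What an 'expand image' view should send back for the given file."""
    if is_svg(name, data, declared_mime):
        # File name and URL are user-controlled; escape them so the wrapper
        # page cannot itself become an injection point.
        body = WRAPPER_TEMPLATE.format(
            title=html.escape(name, quote=True),
            src=html.escape(file_url, quote=True),
        ).encode("utf-8")
        return Response(
            200,
            "text/html; charset=utf-8",
            body,
            # Added hardening: the page never needs script. 'self' assumes the
            # file URL is same-origin; widen img-src if files live on a CDN.
            {"Content-Security-Policy": "default-src 'none'; img-src 'self'"},
        )
    # Non-SVG images go to the browser unchanged.
    mime = declared_mime or mimetypes.guess_type(name)[0] or "application/octet-stream"
    return Response(200, mime, data, {"X-Content-Type-Options": "nosniff"})


if __name__ == "__main__":
    wrapped = serve_for_viewing("logo.svg", SAMPLE_SVG, SVG_MIME, "/media/logo.svg")
    print(wrapped.content_type, wrapped.body.decode())
    raw = serve_for_viewing("logo.png", SAMPLE_PNG, "image/png", "/media/logo.png")
    print(raw.content_type, len(raw.body), "bytes")
```

Note that the wrapper only protects the view that serves it: the file's own URL still returns the raw SVG, which is why the PR also stops the canonical URL button from opening the file in a new tab.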

codecov[bot] commented 9 months ago

Codecov Report

All modified lines are covered by tests :white_check_mark:

Comparison is base (964f48d) 76.41% compared to head (3068e68) 76.43%.

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##           master    #1429      +/-   ##
==========================================
+ Coverage   76.41%   76.43%   +0.02%
==========================================
  Files          75       75
  Lines        3510     3514       +4
  Branches      562      562
==========================================
+ Hits         2682     2686       +4
  Misses        666      666
  Partials      162      162
```

| Files | Coverage Δ | |
|---|---|---|
| [filer/\_\_init\_\_.py](https://app.codecov.io/gh/django-cms/django-filer/pull/1429?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=django-cms#diff-ZmlsZXIvX19pbml0X18ucHk=) | `100.00% <100.00%> (ø)` | |
| [filer/admin/imageadmin.py](https://app.codecov.io/gh/django-cms/django-filer/pull/1429?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=django-cms#diff-ZmlsZXIvYWRtaW4vaW1hZ2VhZG1pbi5weQ==) | `90.38% <100.00%> (+0.80%)` | :arrow_up: |
