GoogleCodeExporter
commented
8 years ago Original comment by vent...@gmail.com on 21 Sep 2012 at 6:22
- Changed state: Considering
Closed GoogleCodeExporter closed 8 years ago
GoogleCodeExporter
commented
8 years ago Original comment by vent...@gmail.com on 21 Sep 2012 at 6:22
GoogleCodeExporter
commented
8 years ago This has been a great module for many, many years. Don't know what I'd do
without it! The XSS issue was just flagged by my PCI scanner. Yikes! Wanted to
make sure you were aware this issue was having an impact in that area.Original comment by se...@darlingtonschool.org on 12 Jun 2014 at 4:20
GoogleCodeExporter
commented
8 years ago After pondering how to get XSS protection in here without adding a dependency
to another package/library, I decided to snag a bit of code from the Microsoft
Web Protection Library: http://wpl.codeplex.com/
I've updated the redirect code that relies on JS and the license, as needed.
Please, feel free to run your site through the PCI scanner again and let us
know the results. We can't have CC processors putting you out from using this
module, so I'm hoping this remedies the problem.Original comment by vent...@gmail.com on 15 Jun 2014 at 6:30
GoogleCodeExporter
commented
8 years ago Sorry for the late reply. I managed to make a patch myself to get PCI off my
back but yours is certainly better. Now in place and it works like a charm.
Many thanks!Original comment by se...@darlingtonschool.org on 14 Oct 2014 at 6:51
GoogleCodeExporter
commented
8 years ago I'm glad to hear it! Thanks for the update.Original comment by vent...@gmail.com on 15 Oct 2014 at 1:22
Original issue reported on code.google.com by
s...@latham-it.comon 5 Jan 2012 at 9:59