Closed msaf1980 closed 1 year ago
Hi @msaf1980 Thanks for your patch! maybe you know, do we have issue for that xss? or it's new?
As I think, It's fix all XSS raised from all Django requests handlers annotated with @handleInputParameterError
(if exception is InputParameterError)
Work with https://github.com/graphite-project/graphite-web/issues/2779
And PR has tests for /metrics/find
for check that this work.
Yes, looks like majority of issues. Nice fix! Will merge and check opened xss tickets against it.
Status | Branch | Result |
---|---|---|
✅ | 1.1.x |
Please refer to the Backport tool documentation
Hi @msaf1980 Thanks for your patch! maybe you know, do we have issue for that xss? or it's new?