graphite-project / graphite-web

A highly scalable real-time graphing system
http://graphite.readthedocs.org/
Apache License 2.0
5.89k stars 1.26k forks

[1.1.x] Fix XSS in some dashboards queries (#2785) #2801

Closed deniszh closed 1 year ago

deniszh commented 1 year ago

Backport

This will backport the following commits from master to 1.1.x:

Questions?

Please refer to the Backport tool documentation

codecov-commenter commented 1 year ago

Codecov Report

Base: 76.05% // Head: 76.07% // Increases project coverage by +0.01% :tada:

Coverage data is based on head (a6f3c27) compared to base (9585590). Patch coverage: 83.33% of modified lines in pull request are covered.


Additional details and impacted files

```diff
@@            Coverage Diff             @@
##            1.1.x    #2801      +/-   ##
==========================================
+ Coverage   76.05%   76.07%   +0.01%
==========================================
  Files          88       88
  Lines        9644     9681      +37
  Branches     2061     2067       +6
==========================================
+ Hits         7335     7365      +30
- Misses       2049     2056       +7
  Partials      260      260
```

| Impacted Files | Coverage Δ | |
|---|---|---|
| webapp/graphite/util.py | `80.00% <60.00%> (-0.82%)` | :arrow_down: |
| webapp/graphite/errors.py | `93.58% <78.57%> (-3.52%)` | :arrow_down: |
| webapp/graphite/dashboard/views.py | `99.30% <100.00%> (+0.04%)` | :arrow_up: |
