mkiol / GNotifier

Thunderbird add-on that replaces built-in notifications with the OS native notifications
https://addons.mozilla.org/thunderbird/addon/gnotifier/
GNU General Public License v3.0
164 stars 25 forks source link

Linux: Notification body should be sanitized against Cross-site scripting (XSS) #75

Closed mkiol closed 8 years ago

mkiol commented 8 years ago

Linux notification server supports some html markups. To be 100% sure that no malicious script will be pass, content of notification body should be sanitized against Cross-site scripting (XSS).

This is blocking issue for the AMO submission.

mkiol commented 8 years ago

Fixed in 7e0d5d03d2b742dae8e0cbcb6aa87a4392f72684