Integrate Plone20200121 hotfix: prevent XSS in title. [3.5.x]

plone / plone.app.content

Various views for Plone, such as folder_contents, as well as general content infrastructure, such as base classes and name choosers.

https://pypi.org/project/plone.app.content/

7 stars 32 forks source link

Integrate Plone20200121 hotfix: prevent XSS in title. [3.5.x] #195

Closed mauritsvanrees closed 4 years ago

mauritsvanrees commented 4 years ago

Part of https://plone.org/security/hotfix/20200121/xss-in-the-title-field-on-plone-5-0-and-higher

For Plone 5.1. Backport of PR #193

mister-roboto commented 4 years ago

@mauritsvanrees thanks for creating this Pull Request and help improve Plone!

To ensure that these changes do not break other parts of Plone, the Plone test suite matrix needs to pass.

Whenever you feel that the pull request is ready to be tested, either start all jenkins jobs pull requests by yourself, or simply add a comment in this pull request stating:

@jenkins-plone-org please run jobs

With this simple comment all the jobs will be started automatically.

Happy hacking!

mauritsvanrees commented 4 years ago

@jenkins-plone-org please run jobs