Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Fix request #7118: List values are not properly sanitized in changesets

Download Browse

If a value contains some html code in its label (like <b>) and it is displayed in the follow-up comments as a change, then it is interpreted by the browser and may pollute the rendering. Change-Id: I9b14a32390d91914d6a151bf73fcbd6833d85654

+82 −32
Nicolas Terray (nterray) 2014-06-25 18:20
Nicolas Terray (nterray) 2014-06-25 18:20
a044718ae64d4c6f4cfbc7ef2017446cb7d09250
01d10c5d0996f2b7523e9e06bba931bc0db0c946
git #tuleap/stable/a044718ae64d4c6f4cfbc7ef2017446cb7d09250

Modified Files

Side by side diff
Inline diff
Name
M plugins/tracker/include/Tracker/Artifact/Tracker_Artifact_ChangesetValue_List.class.php +65 −31 Go to diff View file
M plugins/tracker/tests/Tracker_Artifact_ChangesetValue_ListTest.php +17 −1 Go to diff View file