Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Remove "pre-sanitization" of requests processed by GitPHP

Download Browse

It is a bad practice to "pre-sanitize" request parameters since it is not possible to know how these variables are going to be used. Without the context it only gives an impression of security. The needed escaping as been added in the templates a while ago, the "pre-sanitization" can safely be dropped. This is part of story #10411: cleanly integrate gitphp into tuleap Change-Id: If50cf3a97eb49a88ee9bd858393ca4126773295c

+0 −10
Thomas Gerbet (tgerbet) 2018-07-09 10:54
Thomas Gerbet (tgerbet) 2018-07-09 10:54
cc22752c4d9bc2eea133a265f05c45d9d9943d80
33dfa0955505a9434af4377347269b3f014cd3d7
git #tuleap/stable/cc22752c4d9bc2eea133a265f05c45d9d9943d80

Modified Files

Side by side diff
Inline diff
Name
M plugins/git/include/GitViews/GitPhpViewer.class.php +0 −10 Go to diff View file