Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Project name should be properly escaped in project status change notification

Download Browse

The project name must be escaped in the HTML email otherwise the HTML will be rendered by the mail client. Issue can be seen with a project name like "<img src=https://example.com/image.png>". Part of request #12791: Fix html purification for project privacy change Change-Id: Ia4f04f2dd9d125cabcaa98c017862466dd852dd2

+5 −7
Thomas Gerbet (tgerbet) 2019-09-06 14:38
Thomas Gerbet (tgerbet) 2019-09-10 20:30
4c1110b15db6e79d923cf609550c94db44ab9a8e
38a3c89557191ad3114d24aeceaf6f04d55d04d2
git #tuleap/stable/4c1110b15db6e79d923cf609550c94db44ab9a8e

Modified Files

Side by side diff
Inline diff
Name
M src/common/system_event/include/SystemEvent_PROJECT_IS_PRIVATE.class.php +5 −7 Go to diff View file