stable

Clone or download

Read-only

Remove "pre-sanitization" of requests processed by GitPHP

It is a bad practice to "pre-sanitize" request parameters since it is not possible to know how these variables are going to be used. Without the context it only gives an impression of security. The needed escaping as been added in the templates a while ago, the "pre-sanitization" can safely be dropped. This is part of story #10411: cleanly integrate gitphp into tuleap Change-Id: If50cf3a97eb49a88ee9bd858393ca4126773295c

Modified Files

Name
M plugins/git/include/GitViews/GitPhpViewer.class.php +0 −10 Go to diff View file