request #14613 Use ESLint to prevent some XSS when working with unsafe DOM APIs

Infos

Artifact ID#14613

Submitted byThomas Gerbet (tgerbet)

Last Modified On2020-03-02 16:59

Submitted on2020-02-28 15:14

Rank15860

Details

Summary *

Use ESLint to prevent some XSS when working with unsafe DOM APIs

Original Submission

Most of the code written for Tuleap these days does not need to directly interact with the code. However there are still some cases when this is required. For those situations we should help the developer remember the code needs to be sanitized before being injected into the DOM.

Typically this sort of thing should not happen: git #tuleap/stable/f19a5109847d8cfea4d99e8636033180519808ff

CategoryOther

Reported in versionEmpty

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toThomas Gerbet (tgerbet)

StatusClosed

Close date2020-03-02

Attachments

AttachmentsEmpty

References

Cross references

Referencing request #14613

Git commit

tuleap/tuleap/stable

Merge commit 'refs/changes/03/18003/3' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD c237f9fd2e

Nicolas Terray (nterray) , 2020-03-02 16:55

request #14613: Use ESLint to prevent some XSS when working with unsafe DOM APIs 1ec13a3071

Thomas Gerbet (tgerbet) , 2020-02-28 15:33

Show items referenced by request #14613

Referenced by request #14613

Artifact Tracker v5

rel #14269 11.12

Git commit

tuleap/tuleap/stable

Self-XSS when fully displaying a SSH key f19a510984

Thomas Gerbet (tgerbet) , 2020-02-28 11:53

Other

Follow-ups

Nicolas Terray (nterray)

2020-03-02 16:59

gerrit #18003 integrated into Tuleap 11.11.99.269

Status changed from Under review to Closed
Connected artifacts
- Added Fixed in: rel #14269
Close date set to 2020-03-02

Thomas Gerbet (tgerbet)

2020-02-28 15:34

Patch can be reviewed: gerrit #18003.

Status changed from Under implementation to Under review