Skip to content
This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

fix(secu): escape persistent and reflected XSS in my account - for 18.10.x #7877

Merged
merged 2 commits into from
Sep 27, 2019
Merged

fix(secu): escape persistent and reflected XSS in my account - for 18.10.x #7877

merged 2 commits into from
Sep 27, 2019

Conversation

sc979
Copy link
Contributor

@sc979 sc979 commented Sep 25, 2019
edited
Loading

Pull Request Template

Description

Exclude XSS injection from myAccount alias and name fields.

Fixes MON-4129 MON-4147

Type of change

  • Patch fixing an issue (non-breaking change)
  • New functionality (non-breaking change)
  • Breaking change (patch or feature) that might cause side effects breaking part of the Software
  • Updating documentation (missing information, typo...)

Target serie

  • 2.8.x
  • 18.10.x
  • 19.04.x
  • 19.10.x (master)

How this pull request can be tested ?

Please describe the procedure to verify that the goal of the PR is matched. Provide clear instructions so that it can be correctly tested.

Any relevant details of the configuration to perform the test should be added.

Checklist

Community contributors & Centreon team

  • I followed the coding style guidelines provided by Centreon
  • I have commented my code, especially new classes, functions or any legacy code modified. (docblock)
  • I have commented my code, especially hard-to-understand areas of the PR.
  • I have made corresponding changes to the documentation.
  • I have rebased my development branch on the base branch (master, maintenance).

Centreon team only

  • I have made sure that the unit tests related to the story are successful.
  • I have made sure that unit tests cover 80% of the code written for the story.
  • I have made sure that acceptance tests related to the story are successful (local and CI)

@sc979 sc979 mentioned this pull request Sep 25, 2019
Merged
16 tasks
@sc979 sc979 changed the title fix(secu): escape persistent and reflected Xss in my account - for 2.8.x fix(secu): escape persistent and reflected Xss in my account - for 18.10.x Sep 25, 2019
@sc979 sc979 changed the title fix(secu): escape persistent and reflected Xss in my account - for 18.10.x fix(secu): escape persistent and reflected XSS in my account - for 18.10.x Sep 25, 2019
@sc979 sc979 requested a review from kduret September 26, 2019 11:21
@sc979 sc979 force-pushed the MON-4129-persistent-xss-my-account-18-10 branch from 4c19426 to 6476eb9 Compare September 26, 2019 12:29
@sc979 sc979 merged commit 78f86e8 into 18.10.x Sep 27, 2019
@sc979 sc979 deleted the MON-4129-persistent-xss-my-account-18-10 branch September 27, 2019 14:37
sc979 added a commit that referenced this pull request Sep 27, 2019
@sc979
fix(secu): escape persistent and reflected XSS in my account - for 18…
189bd0c 
….10.x (#7877)

* fix(secu): escape myAccount special characters
sc979 added a commit that referenced this pull request Sep 27, 2019
@sc979
fix(secu): escape persistent and reflected XSS in my account - for 18…
c9c5b53 
….10.x (#7877)

* fix(secu): escape myAccount special characters
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@Nohzoh Nohzoh Nohzoh approved these changes

@kduret kduret kduret approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sc979 @kduret @Nohzoh