Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix potential cross-site scripting issue #2697

Merged
merged 4 commits into from
Dec 20, 2020
Merged

Fix potential cross-site scripting issue #2697

merged 4 commits into from
Dec 20, 2020

Conversation

yurishkuro
Copy link
Member

No description provided.

@yurishkuro
Fix potential cross-site scripting issue
bde9cb8 
Signed-off-by: Yuri Shkuro <github@ysh.us>
@yurishkuro yurishkuro requested a review from a team as a code owner December 20, 2020 17:13
@mergify mergify bot requested a review from jpkrohling December 20, 2020 17:13
@yurishkuro yurishkuro mentioned this pull request Dec 20, 2020
Closed
@codecov
Copy link

codecov bot commented Dec 20, 2020
edited
Loading

Codecov Report

Merging #2697 (b48d3b7) into master (cfcb937) will decrease coverage by 0.00%.
The diff coverage is 100.00%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #2697      +/-   ##
==========================================
- Coverage   95.59%   95.58%   -0.01%     
==========================================
  Files         215      215              
  Lines        9579     9580       +1     
==========================================
  Hits         9157     9157              
- Misses        344      345       +1     
  Partials       78       78
Impacted Files Coverage Δ
cmd/collector/app/handler/http_handler.go 100.00% <100.00%> (ø)
cmd/collector/app/zipkin/http_handler.go 100.00% <100.00%> (ø)
cmd/collector/app/server/zipkin.go 73.07% <0.00%> (-3.85%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update cfcb937...b48d3b7. Read the comment docs.

@yurishkuro
Fix the other one
20d8fee 
Signed-off-by: Yuri Shkuro <github@ysh.us>
@yurishkuro
Fix test
69d5bac 
Signed-off-by: Yuri Shkuro <github@ysh.us>
@yurishkuro
Remove comments
b48d3b7 
Signed-off-by: Yuri Shkuro <github@ysh.us>
@yurishkuro yurishkuro merged commit 29a8798 into jaegertracing:master Dec 20, 2020
@yurishkuro yurishkuro deleted the fix-xss branch December 20, 2020 20:10
@jpkrohling
Copy link
Contributor

How were they caught?

@yurishkuro
Copy link
Member Author

CodeQL flagged them in #2454

bhiravabhatla pushed a commit to bhiravabhatla/jaeger that referenced this pull request Jan 25, 2021
@yurishkuro @bhiravabhatla
Fix potential cross-site scripting issues (jaegertracing#2697)
4b044bc 
* Fix potential cross-site scripting issue

Signed-off-by: Yuri Shkuro <github@ysh.us>

* Fix the other one

Signed-off-by: Yuri Shkuro <github@ysh.us>

* Fix test

Signed-off-by: Yuri Shkuro <github@ysh.us>

* Remove comments

Signed-off-by: Yuri Shkuro <github@ysh.us>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joe-elliott joe-elliott Awaiting requested review from joe-elliott

@jpkrohling jpkrohling Awaiting requested review from jpkrohling

Assignees

@jpkrohling jpkrohling

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@yurishkuro @jpkrohling