Skip to content

Check problems with XSS filtering #1353

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
2 of 3 tasks
flaix opened this issue Nov 1, 2020 · 1 comment
Open
2 of 3 tasks

Check problems with XSS filtering #1353

flaix opened this issue Nov 1, 2020 · 1 comment
Labels
Epic ZenHub created label for Epics
Milestone
1.10.1

Comments

@flaix
Copy link
Member

flaix commented Nov 1, 2020
edited
Loading

The XSS filter sometimes prevents legitimate actions. It seems like the XSS filter needs some rework. We need to check where and what it filters and make sure that it doesn't filter too much. We also need to check if it is still up to date and can prevent current attacks. A unit test based on OWASP should be added.
@flaix flaix added the Epic ZenHub created label for Epics label Nov 1, 2020
@flaix flaix added this to the 1.9.2 milestone Nov 2, 2021
@flaix flaix changed the title Rework XSS filtering Check problems with XSS filtering Dec 5, 2021
@flaix
Copy link
Member Author

flaix commented Dec 7, 2021

#864 turned out not to be a XSS related problem and #822 is not reproducible, so seems already fixed.
Moving this to milestone 1.10.1. I'll leave it open, since the XSS filtering may turn out to become a bigger topic.

@flaix flaix modified the milestones: 1.9.2, 1.10.1 Dec 7, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Epic ZenHub created label for Epics
Projects
None yet
Milestone
1.10.1
Development

No branches or pull requests
1 participant
@flaix