| From: | Dave Page <dpage(at)pgadmin(dot)org> |
|---|---|
| To: | Khushboo Vashi <khushboo(dot)vashi(at)enterprisedb(dot)com> |
| Cc: | pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org> |
| Subject: | Re: [pgAdmin4][Patch]: RM 1527: XSS vulnerabilities |
| Date: | 2016-08-05 11:20:08 |
| Message-ID: | CA+OCxozoH_R2U=R+v=Mgdtipp1MSyXE0j0U37waH4AV9CzUH3Q@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-hackers |
Thanks, applied.
On Fri, Aug 5, 2016 at 10:31 AM, Khushboo Vashi
<khushboo(dot)vashi(at)enterprisedb(dot)com> wrote:
> Hi,
>
> Please find the attached patch to fix the RM 1527: XSS vulnerabilities.
>
> Fixed items:
>
> 1. Tree Node labels while loading, adding and updating the node
> 2. Error and Success messages of Alertify dialogue
> 3. Properties dialogue: un-editable controls
> 4. SQL Editor title
>
> Please review the patch and let me know if I missed something.
>
> Thanks,
> Khushboo
>
>
>
> --
> Sent via pgadmin-hackers mailing list (pgadmin-hackers(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgadmin-hackers
>
--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Harshal Dhumal | 2016-08-05 15:25:03 | patch for RM1177 [pgadmin4] |
| Previous Message | Dave Page | 2016-08-05 11:20:03 | pgAdmin 4 commit: Fix various escaping issues. Fixes #1527 |