Bug
Persisted XSS protection
Issue description
Check the occurrences of datatypes string and wiki-markup cannot be abused for persisted cross site scripting. Ensure that it is not possible to create values that redirect control to a malicious individual during revisiting the input data in the fact sheet or in a service rendering.
Developer comments
With [8285, the introduction of a Content-Security-Policy] this issue was resolved as well.
|
Work sessions
Start |
2019-10-26T10:36:28
|
End |
2019-10-26T10:50:38
|
Participant |
Robert Cerny
|
|
We are sorry
This page cannot be displayed in your browser. Use Firefox, Opera, Safari, or Chrome instead.