Project

General

Profile

Actions
Copy link

Task #105364

closed

Update repository.ts DOM TEXT Interpreted as HTML

Added by TYPO3 GmbH TYPO3com about 1 month ago. Updated about 1 month ago.

Status:
Rejected
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2024-10-19
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
12
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

Description:
By using textContent, it will avoid the risk of HTML injection, as these properties automatically escape any HTML special characters in the provided text.
This helps make page more safer as compare to innerHTML and prevent cross-site scripting (XSS) vulnerabilities by treating the input as plain text rather than interpreted HTML.

This issue was automatically created from https://github.com/TYPO3/typo3/pull/538

Actions
Copy link
 #1

Updated by Gerrit Code Review about 1 month ago

  • Status changed from New to Under Review

Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/86659

Actions
Copy link
 #2

Updated by Andreas Kienast about 1 month ago

  • Status changed from Under Review to Rejected
Actions
Copy link

Also available in: Atom PDF