Actions
Bug #35450
closedExtensions may introduce Cross-Site Scripting
Status:
Rejected
Priority:
Won't have this time
Assignee:
-
Category:
-
Target version:
-
Start date:
2012-04-01
Due date:
% Done:
0%
Estimated time:
TYPO3 Version:
6.0
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:
Description
Problem:
Poorly programmed extensions may introduce Cross-Site Scripting to the site, which is bad.
Solution:
Properly HTML escape the output on a central place to avoid that.
Credits:
Thanks to Rupi for the great suggestions how to solve this.
Updated by Gerrit Code Review over 12 years ago
- Status changed from Accepted to Under Review
Patch set 1 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/10111
Updated by Helmut Hummel over 12 years ago
- Status changed from Under Review to Rejected
- Priority changed from Should have to Won't have this time
Actions