Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | CVE-2022-27258: XSS via rpath query param. | Harald Eilertsen | 2022-03-20 | 1 | -2/+2 |
| | | | | | | | | | | Escape URLs provided by the rpath query param in settings modules. This prevents a possible Cross-Site scripting vulnerability, where an attacker could inject web scripts and html into the settings form via the rpath query parameter, and have a user execute the script by tricking them to clicking a link. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666 | ||||
* | move from build_sync_packet() to Libsync::build_sync_packet() | Mario | 2020-04-09 | 1 | -1/+2 |
| | |||||
* | move *_divmore_height setting to the module extra_settings, and fix issue ↵ | Mario Vavti | 2018-10-04 | 1 | -0/+4 |
| | | | | where feature settings were not synced if rpath was provided | ||||
* | settings for events and cdav calendar | Mario | 2018-09-23 | 1 | -0/+43 |