File Changes for galt
switch to commits view, user indexv337_base to v338_preview (2016-08-15 to 2016-08-22) v338
Show details
- src/hg/encode/hgEncodeVocab/hgEncodeVocab.c
- lines changed 1, context: html, text, full: html, text
2817400f77ca691cedbc23df32154f00c0a4a77f Wed Aug 17 22:14:46 2016 -0700
This commit refs #17815, #17782. Addressing XSS issues in warn and errAbort via new htmlSafef and encoding for several cases including html, attribrute, css, js, url or none. Encoding approach is based on OWASP recommendations.
- src/hg/hgTables/filterFields.c
- lines changed 1, context: html, text, full: html, text
2817400f77ca691cedbc23df32154f00c0a4a77f Wed Aug 17 22:14:46 2016 -0700
This commit refs #17815, #17782. Addressing XSS issues in warn and errAbort via new htmlSafef and encoding for several cases including html, attribrute, css, js, url or none. Encoding approach is based on OWASP recommendations.
- src/hg/hgTables/identifiers.c
- lines changed 6, context: html, text, full: html, text
2817400f77ca691cedbc23df32154f00c0a4a77f Wed Aug 17 22:14:46 2016 -0700
This commit refs #17815, #17782. Addressing XSS issues in warn and errAbort via new htmlSafef and encoding for several cases including html, attribrute, css, js, url or none. Encoding approach is based on OWASP recommendations.
- src/hg/hgTracks/hgTracks.c
- lines changed 1, context: html, text, full: html, text
2817400f77ca691cedbc23df32154f00c0a4a77f Wed Aug 17 22:14:46 2016 -0700
This commit refs #17815, #17782. Addressing XSS issues in warn and errAbort via new htmlSafef and encoding for several cases including html, attribrute, css, js, url or none. Encoding approach is based on OWASP recommendations.
- src/hg/hgc/hgc.c
- lines changed 1, context: html, text, full: html, text
38990114981b7e195d33206edd471797038c6557 Thu Aug 18 11:16:36 2016 -0700
Fixing XSS. Changed output from just printf to warn() which gets properly encoded output.
- src/hg/lib/cart.c
- lines changed 1, context: html, text, full: html, text
d26a087dff59f4e4493e4ce2cf7d5b1ae145fdf3 Thu Aug 18 12:15:52 2016 -0700
adding back commits reverted earlier that got lost in the final merge. XSS fixes.
- src/hg/lib/cartJson.c
- lines changed 1, context: html, text, full: html, text
2817400f77ca691cedbc23df32154f00c0a4a77f Wed Aug 17 22:14:46 2016 -0700
This commit refs #17815, #17782. Addressing XSS issues in warn and errAbort via new htmlSafef and encoding for several cases including html, attribrute, css, js, url or none. Encoding approach is based on OWASP recommendations.
- src/hg/lib/hgFind.c
- lines changed 1, context: html, text, full: html, text
d26a087dff59f4e4493e4ce2cf7d5b1ae145fdf3 Thu Aug 18 12:15:52 2016 -0700
adding back commits reverted earlier that got lost in the final merge. XSS fixes.
- src/hg/lib/hui.c
- lines changed 5, context: html, text, full: html, text
2817400f77ca691cedbc23df32154f00c0a4a77f Wed Aug 17 22:14:46 2016 -0700
This commit refs #17815, #17782. Addressing XSS issues in warn and errAbort via new htmlSafef and encoding for several cases including html, attribrute, css, js, url or none. Encoding approach is based on OWASP recommendations.
- src/inc/htmshell.h
- lines changed 29, context: html, text, full: html, text
2817400f77ca691cedbc23df32154f00c0a4a77f Wed Aug 17 22:14:46 2016 -0700
This commit refs #17815, #17782. Addressing XSS issues in warn and errAbort via new htmlSafef and encoding for several cases including html, attribrute, css, js, url or none. Encoding approach is based on OWASP recommendations.
- lines changed 3, context: html, text, full: html, text
d26a087dff59f4e4493e4ce2cf7d5b1ae145fdf3 Thu Aug 18 12:15:52 2016 -0700
adding back commits reverted earlier that got lost in the final merge. XSS fixes.
- src/lib/htmshell.c
- lines changed 583, context: html, text, full: html, text
2817400f77ca691cedbc23df32154f00c0a4a77f Wed Aug 17 22:14:46 2016 -0700
This commit refs #17815, #17782. Addressing XSS issues in warn and errAbort via new htmlSafef and encoding for several cases including html, attribrute, css, js, url or none. Encoding approach is based on OWASP recommendations.
switch to commits view, user index