Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix XSS vulnerability after PDF export (issue #3178) #3192

Merged
merged 1 commit into from
Aug 24, 2019
Merged

Fix XSS vulnerability after PDF export (issue #3178) #3192

merged 1 commit into from
Aug 24, 2019

Conversation

AWolf81
Copy link
Contributor

@AWolf81 AWolf81 commented Jul 31, 2019

Description

Disabled Javascript in the hidden printout electron window. We're currently not using Javascript in that Window, so it's OK to disable it.

If we would require JS later, we could also do sandboxing. But disabling is OK for now.

Issue fixed

#3178

Type of changes

  • 🔘 Bug fix (Change that fixed an issue)
  • ⚪ Breaking change (Change that can cause existing functionality to change)
  • ⚪ Improvement (Change that improves the code. Maybe performance or development improvement)
  • ⚪ Feature (Change that adds new functionality)
  • ⚪ Documentation change (Change that modifies documentation. Maybe typo fixes)

Checklist:

  • 🔘 My code follows the project code style
  • ⚪ I have written test for my code and it has been tested
  • 🔘 All existing tests have been passed
  • ⚪ I have attached a screenshot/video to visualize my change if possible

@AWolf81 AWolf81 changed the title Fix XSS vunerability after PDF export (issue #3178) Fix XSS vulnerability after PDF export (issue #3178) Jul 31, 2019
@Flexo013 Flexo013 added the awaiting review ❇️ Pull request is awaiting a review. label Aug 1, 2019
ZeroX-DG
ZeroX-DG approved these changes Aug 2, 2019
View reviewed changes
Copy link
Member

@ZeroX-DG ZeroX-DG left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Works fine on my machine 🎉

@ZeroX-DG ZeroX-DG added approved 👍 Pull request has been approved by sufficient reviewers. needs extra review 🔎 Pull request requires review from an additional reviewer. and removed awaiting review ❇️ Pull request is awaiting a review. approved 👍 Pull request has been approved by sufficient reviewers. labels Aug 2, 2019
@ZeroX-DG ZeroX-DG requested a review from Rokt33r August 2, 2019 23:51
@AWolf81 AWolf81 mentioned this pull request Aug 3, 2019
Open
@Rokt33r Rokt33r removed the needs extra review 🔎 Pull request requires review from an additional reviewer. label Aug 24, 2019
@Rokt33r Rokt33r added this to the v0.13.0 milestone Aug 24, 2019
@Rokt33r Rokt33r merged commit 857e755 into BoostIO:master Aug 24, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ZeroX-DG ZeroX-DG ZeroX-DG approved these changes

@Rokt33r Rokt33r Awaiting requested review from Rokt33r

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.13.0
Development

Successfully merging this pull request may close these issues.
4 participants
@AWolf81 @ZeroX-DG @Flexo013 @Rokt33r