User register in checkout on security step #69
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pjedrzejewski
pushed a commit
that referenced
this pull request
May 14, 2013
User register in checkout on security step
|
Thank you Szymon! 👍 |
|
:) 👍 |
GSadee
added a commit
to GSadee/Sylius
that referenced
this pull request
May 10, 2024
…GSadee) This PR was merged into the 1.12 branch. Discussion ---------- | Q | A | --------------- | ----- | Branch? | 1.12 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Related tickets | n/a | License | MIT Fixes CVE-2024-29376. Reported here: https://github.com/r2tunes/Reports/blob/main/Sylius.md Commits ------- 0a7fe9e Add js sanitizeInput function 89880cd Add sanitizer function to UIBundle 19cea9a Use function from UIBundle 3d66fb0 [AddressBook] Add scenario for preventing from a potential XSS attack 9255540 [Checkout] Add scenario for preventing from a potential XSS attack 30de6ff [Behat] Minor scenarios improvements after code review
TheMilek
added a commit
that referenced
this pull request
May 10, 2024
…ress Book and Admin Panel (GSadee) This PR was merged into the 1.12 branch. Discussion ---------- | Q | A |-----------------|----- | Branch? | 1.12 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Related tickets | | License | MIT This PR aims to solve 2 issues: - Potential Cross Site Scripting (XSS) via the "Province" field in the Checkout and Address Book (https://github.com/r2tunes/Reports/blob/main/Sylius.md) - Potential Cross Site Scripting (XSS) via the "Name" field (Taxons, Products, Options, Variants) in the Admin Panel Commits ------- Fix potential xss in admin panel Use function from UIBundle Fix product-auto-complete Add js sanitizeInput function Add sanitizer function to UIBundle Use function from UIBundle [AddressBook] Add scenario for preventing from a potential XSS attack [Checkout] Add scenario for preventing from a potential XSS attack [Behat] Minor scenarios improvements after code review Test adding new taxon Test adding new simple product Test adding similar products Fixes after CR bug #69 Fix potential xss in AdressBook and Checkout (mpysiak, GSadee) bug #76 Fix potential xss in admin panel (mpysiak) [Behat] Minor scenarios improvements
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi,
Here is PR with user registration during checkout. Big up to @pjedrzejewski for help :)