Permalink
Commits on Oct 30, 2010
Commits on Oct 21, 2010
  1. add build toolchain

    Taken from v1251 and adapted. Now it is possible to build
    exactly the same index.html as in the repository.
    weisslj committed Oct 21, 2010
  2. add JSON/json2.js

    This is necessary to generate exactly the same index.html as in the
    repository.
    weisslj committed Oct 21, 2010
  3. YAHOO.ext.DomHelper.append -> Clipperz.YUI.DomHelper.append

    This is necessary to generate exactly the same index.html as in the
    repository.
    weisslj committed Oct 21, 2010
Commits on Aug 17, 2009
  1. Replaced all TEXT field values with LONGTEXT in order to avoid silent…

    … data truncation that has caused some problems when an account was growing
    gcsolaroli committed Aug 17, 2009
Commits on Oct 31, 2008
  1. Fixed erroneous previous merges of security enhancements;

    Fixed erroneous deleted license form source files.
    mrfabbri committed Oct 31, 2008
  2. Fixed missing starting '^' in regular expression testing for urls san…

    …ity (i.e. http, https, webdav, ftp);
    
    Added missing files from previous commit, specifically modified DomHelper to take into account of malicious JavaScript injections and XSS.
    mrfabbri committed Oct 31, 2008
  3. Fixed the processing of the direct login configurations to remove a v…

    …ulnerability found by Collin Jackson http://www.collinjackson.com/ (PhD student at Stanford University), Ben Adida http://adida.net/ (Instructor/Research Faculty, CHIP, Harvard Medical School. Fellow, Center for Research on Computation and Society, Harvard University) and Adam Barth http://www.adambarth.com/ (post-doctoral fellow at the Electrical Engineering and Computer Science Department at the University of California at Berkeley);
    
    changed the HTML rendering process to avoid possible malicious injections;
    
    changed the implementation of the JSON parsing in order to avoid possible injections;
    
    added the Chrome browser identifier;
    
    fixed some translation errors.
    mrfabbri committed Oct 31, 2008
Commits on Apr 8, 2008
Commits on Apr 4, 2008
Commits on Apr 3, 2008