Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix TestpageOverlay XSS Vulnerability #2027

Merged

Conversation

jamesagnew
Copy link
Collaborator

Fixes #2026

Copy link
Collaborator

@IanMMarshall IanMMarshall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Approved.

@codecov
Copy link

codecov bot commented Aug 8, 2020

Codecov Report

Merging #2027 into master will decrease coverage by 0.00%.
The diff coverage is 0.00%.

Impacted file tree graph

@@             Coverage Diff              @@
##             master    #2027      +/-   ##
============================================
- Coverage     80.94%   80.93%   -0.01%     
  Complexity    15815    15815              
============================================
  Files          1119     1119              
  Lines         58927    58933       +6     
  Branches       9043     9045       +2     
============================================
+ Hits          47696    47699       +3     
- Misses         7733     7737       +4     
+ Partials       3498     3497       -1     
Impacted Files Coverage Δ Complexity Δ
...r-base/src/main/java/ca/uhn/fhir/util/UrlUtil.java 72.76% <0.00%> (-2.11%) 67.00 <0.00> (ø)
.../fhir/jpa/empi/broker/EmpiQueueConsumerLoader.java 57.14% <0.00%> (-14.29%) 3.00% <0.00%> (-1.00%)
...n/fhir/jpa/config/HapiFhirHibernateJpaDialect.java 90.32% <0.00%> (+16.12%) 13.00% <0.00%> (+1.00%)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 63ef2ce...95ea3df. Read the comment docs.

@jamesagnew jamesagnew merged commit 0de0b88 into master Aug 9, 2020
@jamesagnew jamesagnew deleted the ja_2026_20200808_resolve_testpage_xss_vulnerability branch August 9, 2020 11:06
jvitrifork pushed a commit to trifork/hapi-fhir that referenced this pull request Aug 11, 2020
* Resolve XSS vulnerability

* Add changelog
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

XSS Vulnerability in Testpage Overlay
2 participants