Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Dec 15, 2014
  1. denis-larka

    mt cust fix

    denis-larka authored
Commits on Oct 29, 2014
  1. Jaume Cardona
Commits on Oct 6, 2014
  1. Jaume Cardona

    Merge pull request #16 from txau/bug-analisys-save-query-xss-2

    txau authored
    Now 'query' param will be extracted from database instead of trusting UR...
  2. Jaume Cardona

    Merge pull request #15 from txau/bug-analysis-save-query-xss

    txau authored
    Added input sanitisation to analysis->save query to prevent presistent X...
  3. Jaume Cardona

    Solved conflic in events module

    txau authored
  4. Jaume Cardona

    Merge pull request #13 from txau/feature-password-policy

    txau authored
    Feature password policy
  5. Jaume Cardona

    Merge pull request #9 from txau/bug-paginator-xss

    txau authored
    Bug paginator xss
  6. Jaume Cardona

    Merge pull request #8 from txau/bug-xss-mt-customization

    txau authored
    Added output encoding to prevent potential XSS vulnerability in admin's ...
Commits on Aug 24, 2014
  1. Jaume Cardona

    If PEAR is not present, a very lightweight version of PEAR will be lo…

    txau authored
    …aded from the local folder instead. Also solved a bug with GACode. Added extra check on key synchronization.
Commits on Aug 18, 2014
  1. Jaume Cardona

    Added password complecity validation to new user's creation form. Ext…

    txau authored
    …racted away some code duplication.
  2. Jaume Cardona

    Added a password policy filter in the UI (no server validation) in or…

    txau authored
    …der to enforce users to use stronger (complex) passwords.
Commits on Aug 11, 2014
  1. Jaume Cardona
Commits on Aug 10, 2014
  1. Jaume Cardona
  2. Jaume Cardona
  3. Jaume Cardona

    Created an argument encoder class to white list and encode allowed GE…

    txau authored
    …T params for pagination, sorting and filtering. Persons browsing is fixed now, other modules browsing not yet.
Commits on Aug 7, 2014
  1. Jaume Cardona

    Now 'query' param will be extracted from database instead of trusting…

    txau authored
    … URL param to prevent potential XSS exploitation
Commits on Aug 6, 2014
  1. Jaume Cardona
  2. Jaume Cardona

    Added output encoding to prevent potential XSS vulnerability in admin…

    txau authored
    …'s micro thesauri module
  3. Jaume Cardona
Commits on Aug 1, 2014
  1. Jaume Cardona

    Now a malformed JSON decode will throw an exception cutting the flow …

    txau authored
    …and avoiding potential SQL injection.
Commits on Jul 19, 2014
  1. Jaume Cardona

    Solved a bug in Google Authenticator setup, field name for code was c…

    txau authored
    …onflicting with YubiKey's. Moved TSV method feedback message above the tabs.
  2. Jaume Cardona

    Added a hint to the wrong code feedback message in Google Auth config…

    txau authored
    …uration screen to check time correction for codes in app settings since this is the common cause for GA not working
Commits on Jul 15, 2014
  1. Jaume Cardona
Commits on Jul 14, 2014
  1. Jaume Cardona

    Added API key check to user's preference pane. Could not avoid code d…

    txau authored
    …uplication a per current architecture =/
Commits on Jul 13, 2014
  1. Jaume Cardona
  2. Jaume Cardona

    Added an extra control on user's preferences to prevent Yubikey auth …

    txau authored
    …being activated if system's yubico API is not configured.
  3. Jaume Cardona
  4. Jaume Cardona
  5. Jaume Cardona

    adminModule now can store and retrieve all three options of authentic…

    txau authored
    …ation (none, GA, YubiKey).
Commits on Jul 11, 2014
  1. Jaume Cardona
  2. Jaume Cardona
  3. Jaume Cardona

    Extracted user form tabs to a shared template to avoid duplication. S…

    txau authored
    …ome legacy leftover code removed from act_edit_security.php.
Commits on May 15, 2014
  1. Hmayak Tigranyan
Commits on Apr 22, 2014
  1. Hmayak Tigranyan

    language fix per user;

    hmayaktigranyan authored
Commits on Mar 24, 2014
  1. Hmayak Tigranyan
Something went wrong with that request. Please try again.