Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable CodeQL scans and fix issues found there #4897

Merged
merged 4 commits into from May 10, 2021

Conversation

ThiefMaster
Copy link
Member

There were also two cases of catastrophic backtracking in regexps which I didn't fix as those are in client-side code where the user could only slow down their own browser, so it's not really worth touching that legacy code...

@ThiefMaster ThiefMaster added this to the v2.3 milestone May 10, 2021
@ThiefMaster ThiefMaster added this to In progress in Release 2.3 via automation May 10, 2021
Most places where it was missing were internal links and thus safe, but
there's no need to have opener/referrer for those either, so no need to
get warnings from code analysis tools that need to be silenced...
@ThiefMaster ThiefMaster merged commit 5a50973 into indico:2.3-maintenance May 10, 2021
Release 2.3 automation moved this from In progress to Done May 10, 2021
@ThiefMaster ThiefMaster deleted the xss branch May 10, 2021 14:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
No open projects
Release 2.3
  
Done
Development

Successfully merging this pull request may close these issues.

None yet

1 participant