New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

XSS problem #161

Closed
summerblue opened this Issue Aug 24, 2014 · 7 comments

Comments

3 participants
@summerblue
Contributor

summerblue commented Aug 24, 2014

@summerblue

This comment has been minimized.

Show comment
Hide comment
@summerblue

summerblue Aug 24, 2014

Contributor

Can using this package to fix https://github.com/mewebstudio/Purifier .

Contributor

summerblue commented Aug 24, 2014

Can using this package to fix https://github.com/mewebstudio/Purifier .

@GrahamCampbell

This comment has been minimized.

Show comment
Hide comment
@GrahamCampbell

GrahamCampbell Aug 24, 2014

Contributor

https://github.com/GrahamCampbell/Laravel-Security might be better. The other package is limited to html4 only.

Contributor

GrahamCampbell commented Aug 24, 2014

https://github.com/GrahamCampbell/Laravel-Security might be better. The other package is limited to html4 only.

@summerblue

This comment has been minimized.

Show comment
Hide comment
@summerblue

summerblue Aug 24, 2014

Contributor

I use Laravel-Security before, but it mess up with the html output.

Contributor

summerblue commented Aug 24, 2014

I use Laravel-Security before, but it mess up with the html output.

@GrahamCampbell

This comment has been minimized.

Show comment
Hide comment
@GrahamCampbell

GrahamCampbell Aug 25, 2014

Contributor

Yeh, that's intended. It doesn't just escape JavaScript, it aims to remove some parts of it. Could you give me an example of something you think the package has cleaned wrongly?

Contributor

GrahamCampbell commented Aug 25, 2014

Yeh, that's intended. It doesn't just escape JavaScript, it aims to remove some parts of it. Could you give me an example of something you think the package has cleaned wrongly?

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Aug 25, 2014

@GrahamCampbell Shouldn't that discussion be done on your repo ?

ghost commented Aug 25, 2014

@GrahamCampbell Shouldn't that discussion be done on your repo ?

@GrahamCampbell

This comment has been minimized.

Show comment
Hide comment
@GrahamCampbell

GrahamCampbell Aug 25, 2014

Contributor

Yes. I was planning on creating an issue on it as soon as I got a response here.

Contributor

GrahamCampbell commented Aug 25, 2014

Yes. I was planning on creating an issue on it as soon as I got a response here.

@driesvints

This comment has been minimized.

Show comment
Hide comment
@driesvints

driesvints Aug 25, 2014

Member

Yes, I need to fix this asap. But it'll probably have to wait until after Laracon. Unless someone can send in a PR before that.

Duplicate of #120 btw so I'm gonna close this one.

Member

driesvints commented Aug 25, 2014

Yes, I need to fix this asap. But it'll probably have to wait until after Laracon. Unless someone can send in a PR before that.

Duplicate of #120 btw so I'm gonna close this one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment