-
Notifications
You must be signed in to change notification settings - Fork 205
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Left angle bracket "<" causes remaining characters of password to be omitted #30
Comments
Hi!! I've noticed that passwords were also "sanitized" for malicious code. It has been patched and will be available in short. Thank you for the feedback |
Thanks, This fixed most of the problem, the angle brackets are now being returned (I can see them in the page source) but they still do not show. The problem seems to be that they're not escaped. I think I've fixed the problem but I don't know the software well enough to test thoroughly. Please see the diff below, this change seems to fix the problem completely.
|
Hi!!, I've already patched the stable release. Thank you for your support! |
Hi again, "Pass<word" is shown as "Pass" And after verification, it does the same on http://demo.syspass.org/index.php |
@Naelwan unfortunatelly a parameter in the ajax request was malformed... Solved in last commit |
Thank you ! |
…tion in classic theme. Thanks to @ejouvin * [FIX] Solves #325, Custom field creation, "empty" type list in theme classic. Thanks to @ejouvin * [FIX] Closes #319. * [FIX] Fixed issue when showing password through web UI. Closes #30. Thanks to @Naelwan for the feedback * [FIX] Closes #313, closes #317, closes #328. Fix for php7 for users / groups / profiles display. Thanks to @ejouvin * [MOD] Modified alertify theme for MDL * [FIX] Closes #352, Closes #329 * [FIX] Closes #293, closes #292. Enforces MySQL password on installation * [FIX] Closes #321. Thanks to @ejouvin for the feedback * [FIX] Solves #345. Send request for account isn't working on classic theme. Thanks to @anburhce for the feedback
To reproduce:
Outcome:
Expected:
The text was updated successfully, but these errors were encountered: