New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

escape filter in search #27900

Merged
merged 1 commit into from May 16, 2017

Conversation

Projects
None yet
4 participants
@peterprochaska
Contributor

peterprochaska commented May 16, 2017

Description

Escape the filter parameter in error message

Motivation and Context

Make owncloud more secure

How Has This Been Tested?

Inject HTML Code and the error message is HTML-Code free

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.
@CLAassistant

This comment has been minimized.

Show comment
Hide comment
@CLAassistant

CLAassistant May 16, 2017

CLA assistant check
All committers have signed the CLA.

CLAassistant commented May 16, 2017

CLA assistant check
All committers have signed the CLA.

@peterprochaska peterprochaska added this to the 10.0.1 milestone May 16, 2017

@PVince81

This comment has been minimized.

Show comment
Hide comment
@PVince81

PVince81 May 16, 2017

Member

hmmm okay 👍

Member

PVince81 commented May 16, 2017

hmmm okay 👍

@PVince81 PVince81 merged commit 6e5a782 into master May 16, 2017

4 checks passed

Scrutinizer 4 new issues, 7 updated code elements
Details
continuous-integration/jenkins/pr-head This commit looks good
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
license/cla Contributor License Agreement is signed.
Details

@PVince81 PVince81 deleted the remove-single-quote-around-search-query branch May 16, 2017

@PVince81

This comment has been minimized.

Show comment
Hide comment
@PVince81

PVince81 May 16, 2017

Member

Backport or not critical enough ? @Peter-Prochaska @DeepDiver1975

Member

PVince81 commented May 16, 2017

Backport or not critical enough ? @Peter-Prochaska @DeepDiver1975

@peterprochaska

This comment has been minimized.

Show comment
Hide comment
@peterprochaska

peterprochaska May 16, 2017

Contributor

backport to 9.1 #27903
backport to 9 #27904

Contributor

peterprochaska commented May 16, 2017

backport to 9.1 #27903
backport to 9 #27904

@PVince81

This comment has been minimized.

Show comment
Hide comment
@PVince81

PVince81 May 29, 2017

Member

stable8.2: #27992

Member

PVince81 commented May 29, 2017

stable8.2: #27992

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment