Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix cross-site scripting vulnerability in test #2902

Merged

Conversation

pderop
Copy link
Contributor

@pderop pderop commented Sep 19, 2023

Fix cross-site scripting (XSS) vulnerability github security alert in the TomcatServer class.

See https://github.com/reactor/reactor-netty/security/code-scanning/9

@pderop pderop added the type/test A general test label Sep 19, 2023
@pderop pderop added this to the 1.0.37 milestone Sep 19, 2023
@pderop pderop self-assigned this Sep 19, 2023
@pderop
Copy link
Contributor Author

pderop commented Sep 19, 2023

There is one failing test, it's not caused by this PR, but by the test from #2864, which has a bug. I will create a separate PR which will complement #2864.

I'm restarting the CI for the ubuntu-20.04 native checks ...

@pderop
Copy link
Contributor Author

pderop commented Sep 19, 2023

The CI now constantly fails.
I will make the other PR now in order to fix the flaky test, and once it will be merged, I'll rebase this one on top of it.

@violetagg
Copy link
Member

@pderop Please rebase this one

@pderop pderop force-pushed the 1.0.x-fix-cross-site-scripting-vulnerability branch from 229b907 to cd125c2 Compare September 25, 2023 09:22
@pderop
Copy link
Contributor Author

pderop commented Sep 25, 2023

@violetagg , done, I have rebased it.

@pderop pderop merged commit b6aa478 into reactor:1.0.x Sep 25, 2023
9 checks passed
pderop added a commit that referenced this pull request Sep 25, 2023
pderop added a commit that referenced this pull request Sep 25, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type/test A general test
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants