Protect against XSS vulnerabilities in URL redirection

Fork: 0

Skyworks / ldapcherry

Browse code Protect against XSS vulnerabilities in URL redirection - Switch from base64 to URL encoding for the passing the URL, using the built-in Mako filtering - Apply HTML filtering to Mako output by default - Disable HTML filtering for nested templates in adduser, modify, and selfmodify master multivalued_attributes python3_support 1.1.1 1.1.0 1.0.1 1.0.0
1 parent 1ed654c commit 6f98076281e9452fdb1adcd1bcbb70a6f968ade9 John Thiltges authored on 3 Jan 2019

Patch

Unified Split

Showing 5 changed files

Ignore Space Show notes View ldapcherry/__init__.py

Ignore Space Show notes View resources/templates/adduser.tmpl

Ignore Space Show notes View resources/templates/login.tmpl

Ignore Space Show notes View resources/templates/modify.tmpl

Ignore Space Show notes View resources/templates/selfmodify.tmpl

Show line notes below