composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-05-01 22:48:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°4360 Security hardening

Browse Source
This commit is contained in:
Pierre Goiffon
2021-11-23 16:58:47 +01:00
parent 3e8dd2f4a5
commit e15d4bfab6
12 changed files with 819 additions and 193 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
test/core/sanitizer/input/scripts.svg Normal file
View File

@@ -0,0 +1,8 @@
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<svg xmlns="http://www.w3.org/2000/svg" version="1.1" baseProfile="full" onload="alert('hello world !');">
<rect width="300" height="100" style="fill:rgb(0,0,255);stroke-width:3;stroke:rgb(0,0,0)"/>
<script type="text/javascript">
alert("XSS");
</script>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 418 B