kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/app
History
Robert Speicher 4a844b73ff Merge branch 'fix-sanitize-svg' into 'master' 
Update SVG sanitizer to conform to SVG 1.1

Original SVG sanitizer would strip out necessary elements and attributes.

Use a custom Loofah scrubber since sanitize 2.x transformers are inadequate to handle case-sensitive SVG attributes since they parse documents as HTML instead of XML, which causes all SVG attribute names (e.g. `viewBox`) to be downcased.

* SVG element list: https://www.w3.org/TR/SVG/eltindex.html
* SVG attribute list: https://www.w3.org/TR/SVG/attindex.html

Closes #14555

See merge request !3401
2016-05-07 19:08:46 +00:00
..
assets Merge branch 'nice-todos-bell' into 'master' 2016-05-06 16:37:40 +00:00
controllers Log to application.log when an admin starts and stops impersonating a user 2016-05-04 09:21:34 -07:00
finders Prevent private snippets in public/internal projects from being leaked via API 2016-04-25 12:02:06 -07:00
helpers Update SVG sanitizer to conform to SVG 1.1 2016-05-06 23:20:24 -07:00
mailers Support e-mail notifications for comments on project snippets 2016-05-02 11:01:32 -07:00
models Reduce delay in destroying a project from 1-minute to immediately 2016-05-07 01:12:31 -07:00
services Reduce delay in destroying a project from 1-minute to immediately 2016-05-07 01:12:31 -07:00
uploaders
validators
views Make group settings button white instead of gray for better visibility 2016-05-06 21:05:57 +02:00
workers Merge branch 'create-wikis-during-check' into 'master' 2016-05-04 14:10:49 +00:00