gitlab-org--gitlab-foss/features
Robert Speicher 7cc239528e Remove persistent XSS vulnerability in `commit_person_link` helper
Because we were incorrectly supplying the tooltip title as
`data-original-title` (which Bootstrap's Tooltip JS automatically
applies based on the `title` attribute; we should never be setting it
directly), the value was being passed through as-is.

Instead, we should be supplying the normal `title` attribute and letting
Rails escape the value, which also negates the need for us to call
`sanitize` on it.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15126
2016-04-17 18:42:49 -04:00
admin Bring shared project feature tests from EE 2016-03-12 14:45:14 +01:00
dashboard Fix bug related to filtering Issues by Label/Milestone. 2016-04-02 07:36:41 -05:00
explore Fix test 2016-03-04 19:27:02 +01:00
group Updates from last code review. 2016-03-06 23:07:19 -05:00
profile Test changing notification settings per project from notifications page 2016-03-30 10:44:20 +02:00
project Merge branch 'mr-ui-update' into 'master' 2016-04-11 11:25:40 +00:00
snippets fix spinach features to use new button wordings 2015-10-15 17:59:17 +11:00
steps Remove persistent XSS vulnerability in `commit_person_link` helper 2016-04-17 18:42:49 -04:00
support Fix Capybara 2.6.2 deprecation warnings 2016-03-15 11:03:17 -07:00
abuse_report.feature Streamline the "Report button" 2015-09-29 21:47:01 +02:00
groups.feature Revert "Merge branch 'new-navigation-prototype' into 'master'" 2016-04-07 21:20:16 +00:00
invites.feature Add spinach tests around accepting and declining invitations. 2015-04-14 18:04:29 +02:00
search.feature Add CHANGELOG and test 2016-03-01 16:29:16 +01:00
snippet_search.feature Updating to persist a params snippets variable 2014-09-05 13:30:55 -04:00
user.feature Fix specs 2016-03-01 17:42:44 -05:00