Home > mailing lists

Re: [pgadmin-hackers] security bug (with patch-fix) -- need moreHTML-escaping for working with tree-nodes - Mailing list pgadmin-hackers

From	Ashesh Vashi
Subject	Re: [pgadmin-hackers] security bug (with patch-fix) -- need moreHTML-escaping for working with tree-nodes
Date	May 10, 2017 13:56:51
Msg-id	CAG7mmoygGeXaeV9WT3cBtLKf_4qsdFBvivUZyp1pbkxmh3mUkw@mail.gmail.com Whole thread Raw
In response to	[pgadmin-hackers] security bug (with patch-fix) -- need more HTML-escaping for working with tree-nodes (Andrei Antonov <antonov@imp-m.ru>)
Responses	Re: [pgadmin-hackers] security bug (with patch-fix) -- need moreHTML-escaping for working with tree-nodes
List	pgadmin-hackers

Tree view

Thanks.

Committed!

Thanks & Regards,

Ashesh Vashi
EnterpriseDB INDIA: Enterprise PostgreSQL Company

http://www.linkedin.com/in/asheshvashi

2017-05-10 1:06 GMT+05:30 Andrei Antonov <antonov@imp-m.ru>:

good day!

i fixed tiny errors (html-escaping) , but it has security effects.

see file "0001-escape-label-of-node-of-tree-when-events-add-remove-.patch" [ https://github.com/postgres-impulsm/pgadmin4/commit/f993513d148fc6dd7e0196261f847e668d5e2c6c ]

--
Андрей Антонов,
инженер-программист Отдела информационных технологий и программирования,
компания «Импульс М»

--
Sent via pgadmin-hackers mailing list (pgadmin-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgadmin-hackers

pgadmin-hackers by date:

From: Ashesh Vashi
Date: 10 May 2017, 13:56:39
Subject: [pgadmin-hackers] pgAdmin 4 commit: HTML escape the label,when setting the collection no

From: Dave Page
Date: 10 May 2017, 13:59:05
Subject: Re: [pgadmin-hackers] security bug (with patch-fix) -- need moreHTML-escaping for working with tree-nodes

Re: [pgadmin-hackers] security bug (with patch-fix) -- need moreHTML-escaping for working with tree-nodes - Mailing list pgadmin-hackers

Previous

Next