Вход Зарегистрироваться
Обзор
Проекты с открытым исходным кодом > Site Construction Systems > CMS Construction Systems &&
Сканировать QR-код WeChat для оплаты
Отмена
Платеж завершен
Смотреть
Отписаться Следить за всеми активностями Следить только за динамикой выпуска обновлений Подписаться без уведомления
1 В избранное 0 Ответвления 0

OSCHINA-MIRROR/siteserver-cms

Код Задачи 618 Запросы на слияние 0 Wiki Статистика
Issues
 / Детали:

В безопасном режиме новые или изменённые данные не проходят фильтрацию XSS.

Предстоит сделать
GitLife Service Account
Владелец
Создано  
27.02.2025

Фильтрация была применена только в методе GET, но не в методах INSERT и UPDATE, поэтому фильтрация не работает корректно.

Рекомендация:
Добавьте следующий код в метод EncodeTextEditorAsync:

if (_settingsManager.IsSafeMode)
{
    builder.Replace("&lt;", "<");
    builder.Replace("&gt;", ">");
    return StringUtils.FilterXss(builder.ToString());
}

Комментарий (0)

GitLife Service Account Задача создана

Вход Перед тем как оставить комментарий

Статус
Ответственный
Метки
Не задано
Метки
Контрольная точка
Нет
Нет
Pull Requests
Завершить тестирование
Завершить тестирование
Связанные запросы на слияние могут быть закрыты после их объединения
Ветки
Не связаны
Ветки (1)
Теги (327)
master
sscms-v7.3.1
upload
sscms-v7.3.0
sscms-v7.2.1
sscms-v7.2.0
sscms-v7.1.3
siteserver-v6.10.0-beta
siteserver-v6.10.1
siteserver-v6.9.15-beta
siteserver-v6.9.14-beta
siteserver-v6.9.13-beta
siteserver-v6.9.12-beta
siteserver-v6.9.10-beta
siteserver-v6.9.9-beta
siteserver-v6.9.4-beta
siteserver-v6.9.3-beta
siteserver-v6.9.2-beta
siteserver-v6.9.1-beta
siteserver-v6.9.0
siteserver-v6.8.3
siteserver-v6.8.1
siteserver-v6.8.0
siteserver-v6.7.17-beta
siteserver-v6.7.15-beta
siteserver-v6.7.14-beta
siteserver-v6.7.13-beta
siteserver-v6.7.12-beta
siteserver-v6.7.11-beta
siteserver-v6.7.10-beta
siteserver-v6.7.9-beta
siteserver-v6.7.8-beta
siteserver-v6.7.5-beta
siteserver-v6.7.6
siteserver-v6.7.3-beta
siteserver-v6.7.4
siteserver-v6.7.1
siteserver-v6.7.2-beta
siteserver-v6.7.0
siteserver-v6.6.41-beta
siteserver-v6.6.40-beta
siteserver-v6.6.39-beta
siteserver-v6.6.38-beta
siteserver-v6.6.37-beta
siteserver-v6.6.36-beta
siteserver-v6.6.35-beta
siteserver-v6.6.34-beta
siteserver-v6.6.33-beta
siteserver-v6.6.32-beta
siteserver-v6.6.31-beta
siteserver-v6.6.30-beta
siteserver-v6.6.27-beta
siteserver-v6.6.26-beta
siteserver-v6.6.25-beta
siteserver-v6.6.24-beta
siteserver-v6.6.23-beta
siteserver-v6.6.22-beta
siteserver-v6.6.21-beta
siteserver-v6.6.20-beta
siteserver-v6.6.19-beta
siteserver-v6.6.18-beta
siteserver-v6.6.17-beta
siteserver-v6.6.15-beta
siteserver-v6.6.14-beta
siteserver-v6.6.13-beta
siteserver-v6.6.12-beta
siteserver-v6.6.11-beta
siteserver-v6.6.10-beta
siteserver-v6.6.9-beta
siteserver-v6.6.8-beta
siteserver-v6.6.7-beta
siteserver-v6.6.6-beta
siteserver-v6.6.5-beta
siteserver-v6.6.4-beta
siteserver-v6.6.3-beta
siteserver-v6.6.1-beta
siteserver-v6.6.2
siteserver-v6.6.0-beta
siteserver-v6.5.24-beta
siteserver-v6.5.23-beta
siteserver-v6.5.22-beta
siteserver-v6.5.21-beta
siteserver-v6.5.19-beta
siteserver-v6.5.18-beta
siteserver-v6.5.17-beta
siteserver-v6.5.16-beta
siteserver-v6.5.14-beta
siteserver-v6.5.13-beta
siteserver-v6.5.5-beta
siteserver-v6.5.6-beta
siteserver-v6.5.4-beta
siteserver-v6.5.3-beta
siteserver-v6.5.2-beta
siteserver-v6.5.0-beta
siteserver-v6.5.1
siteserver-v6.4.15-beta
siteserver-v6.4.14-beta
siteserver-v6.4.13-beta
siteserver-v6.4.12-beta
siteserver-v6.4.11-beta
siteserver-v6.4.10-beta
siteserver-v6.4.9-beta
siteserver-v6.4.8-beta
siteserver-v6.4.7-beta
siteserver-v6.4.6-beta
siteserver-v6.4.5-beta
siteserver-v6.4.4-beta
siteserver-v6.4.3-beta
siteserver-v6.4.0-beta
siteserver-v6.4.1
siteserver-v6.3.36-beta
siteserver-v6.3.35-beta
siteserver-v6.3.34-beta
siteserver-v6.3.33-beta
siteserver-v6.3.32-beta
siteserver-v6.3.31-beta
siteserver-v6.3.26-beta
siteserver-v6.3.25-beta
siteserver-v6.3.24-beta
siteserver-v6.3.20-beta
siteserver-v6.3.19-beta
siteserver-v6.3.18-beta
siteserver-v6.3.17-beta
siteserver-v6.3.16-beta
siteserver-v6.3.14-beta
siteserver-v6.3.11-beta
siteserver-v6.3.12
siteserver-v6.3.10-beta
siteserver-v6.3.9-beta
siteserver-v6.3.8-beta
siteserver-v6.3.5-beta
siteserver-v6.3.1-beta
siteserver-v6.3.2
siteserver-v6.3.0-beta
siteserver-v6.2.20-beta
siteserver-v6.2.19-beta
siteserver-v6.2.18-beta
siteserver-v6.2.17-beta
siteserver-v6.2.15-beta
siteserver-v6.2.14-beta
siteserver-v6.2.13-beta
siteserver-v6.2.12-beta
siteserver-v6.2.11-beta
siteserver-v6.2.10-beta
siteserver-v6.2.9-beta
siteserver-v6.2.8-beta
siteserver-v6.2.7-beta
siteserver-v6.2.6-beta
siteserver-v6.2.16
siteserver-v6.2.4
siteserver-v6.2.3
siteserver-v6.2.2
siteserver-v6.2.1
siteserver-v6.1.27-beta
siteserver-v6.2.0
siteserver-v6.1.26-beta
siteserver-v6.1.25-beta
siteserver-v6.1.24-beta
siteserver-v6.1.23-beta
siteserver-v6.1.22-beta
siteserver-v6.1.21-beta
siteserver-v6.1.20-beta
siteserver-v6.1.19-beta
siteserver-v6.1.18-beta
siteserver-v6.1.17-beta
siteserver-v6.1.16-beta
siteserver-v6.1.15-beta
siteserver-v6.1.14-beta
siteserver-v6.1.11-preview
siteserver-v6.1.10-preview
siteserver-v6.1.9-preview
siteserver-v6.1.8-preview
siteserver-v6.1.7-preview
siteserver-v6.1.5-preview
siteserver-v6.1.4-preview
siteserver-v6.1.2-preview
siteserver-v6.1.3
siteserver-v6.1.0-preview
siteserver-v6.1.1
siteserver-v6.0.259-preview
siteserver-v6.0.258-preview
siteserver-v6.0.257-preview
siteserver-v6.0.256-preview
siteserver-v6.0.255-preview
siteserver-v6.0.254-preview
siteserver-v6.0.253-preview
siteserver-v6.0.252-preview
siteserver-v6.0.251-preview
siteserver-v6.0.250-preview
siteserver-v6.0.249-preview
siteserver-v6.0.248-preview
siteserver-v6.0.247-preview
siteserver-v6.0.245-preview
siteserver-v6.0.246
siteserver-v6.0.244-preview
siteserver-v6.0.242-preview
siteserver-v6.0.243
siteserver-v6.0.241-preview
siteserver-v6.0.240-preview
siteserver-v6.0.236-preview
siteserver-v6.0.232-preview
siteserver-v6.0.233
siteserver-v6.0.230-preview
siteserver-v6.0.231
siteserver-v6.0.229-preview
siteserver-v6.0.228-preview
siteserver-v6.0.227-preview
siteserver-v6.0.226-preview
siteserver-v6.0.225-preview
siteserver-v6.0.224-preview
siteserver-v6.0.222-preview
siteserver-v6.0.219-preview
siteserver-v6.0.220-rc2
siteserver-v6.0.218-rc2
siteserver-v6.0.216-preview
siteserver-v6.0.215-preview
siteserver-v6.0.214-preview
siteserver-v6.0.212-preview
siteserver-v6.0.211-preview
siteserver-v6.0.210-rc1
siteserver-v6.0.209-preview
siteserver-v6.0.{build}-rc1
siteserver-v6.0.207-preview
siteserver-v6.0.0-rc1
siteserver-v6.0.205-preview
siteserver-v6.0.204-preview
siteserver-v6.0.203-preview
siteserver-v6.0.202-preview
siteserver-v6.0.201-preview
siteserver-v6.0.197-preview
siteserver-v6.0.196-preview
siteserver-v6.0.195-preview
siteserver-v6.0.194-preview
siteserver-v6.0.193-preview
siteserver-v6.0.192-preview
siteserver-v6.0.191-preview
siteserver-v6.0.189-preview
siteserver-v6.0.187-preview
siteserver-v6.0.173-preview
siteserver-v6.0.172-preview
siteserver-v6.0.169-preview
siteserver-v6.0.168-preview
siteserver-v6.0.167-preview
siteserver-v6.0.166-preview
siteserver-v6.0.164-preview
siteserver-dev-v5.0.154
siteserver-dev-v5.0.153
siteserver-dev-v5.0.152
siteserver-dev-v5.0.151
siteserver-dev-v5.0.150
siteserver-dev-v5.0.149
siteserver-dev-v5.0.148
siteserver-dev-v5.0.147
siteserver-dev-v5.0.146
siteserver-v5.0.145
siteserver-dev-v5.0.144
siteserver-v5.0.143
siteserver-dev-v5.0.142
siteserver-dev-v5.0.141
siteserver-dev-v5.0.140
siteserver-dev-v5.0.139
siteserver-dev-v5.0.137
siteserver-v5.0.136
siteserver-v5.0.135
siteserver-dev-v5.0.134
siteserver-dev-v5.0.133
siteserver-dev-v5.0.132
siteserver-dev-v5.0.131
siteserver-dev-v5.0.130
siteserver-dev-v5.0.129
siteserver-v5.0.128
siteserver-v5.0.127
siteserver-v5.0.126
siteserver-dev-v5.0.125
siteserver-dev-v5.0.124
siteserver-dev-v5.0.122
siteserver-dev-v5.0.121
siteserver-dev-v5.0.117
siteserver-dev-v5.0.115
siteserver-dev-v5.0.114
siteserver-dev-v5.0.113
siteserver-dev-v5.0.112
siteserver-dev-v5.0.111
siteserver-dev-v5.0.109
siteserver-dev-v5.0.107
siteserver-dev-v5.0.106
siteserver-dev-v5.0.103
siteserver-dev-v5.0.102
siteserver-dev-v5.0.101
siteserver-dev-v5.0.97
siteserver-dev-v5.0.95
siteserver-dev-v5.0.94
siteserver-dev-v5.0.92
siteserver-dev-v5.0.91
siteserver-dev-v5.0.89
siteserver-dev-v5.0.87
siteserver-dev-v5.0.86
siteserver-dev-v5.0.85
siteserver-v5.0.82
siteserver-v5.0.81
siteserver-dev-v5.0.80
siteserver-v5.0.78
siteserver-dev-v5.0.76
siteserver-dev-v5.0.70
siteserver-dev-v5.0.69
siteserver-dev-v5.0.63
siteserver-dev-v5.0.62
siteserver-dev-v5.0.61
siteserver-dev-v5.0.59
siteserver-dev-v5.0.57
siteserver-dev-v5.0.56
siteserver-dev-v5.0.55
siteserver-dev-v5.0.53
siteserver-dev-v5.0.51
siteserver-dev-v5.0.48
siteserver-dev-v5.0.40
siteserver-dev-v5.0.39
siteserver-dev-v5.0.37
siteserver-dev-v5.0.36
siteserver-dev-v5.0.34
siteserver-dev-v5.0.33
siteserver-dev-v5.0.27
siteserver-dev-v5.0.25
siteserver-dev-v5.0.24
siteserver-dev-v5.0.23
siteserver-dev-v5.0.22
siteserver-dev-v5.0.18
siteserver-v5.0.15
Дата начала   -   Крайний срок
-
Закрепить/Открепить
Не закреплено
Приоритет: Высокий
Приоритет: Средний
Приоритет: Низкий
Приоритет
Не указано
Срочный
Высокий
Средний
Низкий
Участники(1)
1
https://api.gitlife.ru/oschina-mirror/siteserver-cms.git
git@api.gitlife.ru:oschina-mirror/siteserver-cms.git
oschina-mirror
siteserver-cms
siteserver-cms
Опубликовать
Отчет о репозитории
Вернуться к началу