author: Bernhard Posselt <dev@bernhard-posselt.com> 2014-02-11 16:05:50 +0100
committer: Bernhard Posselt <dev@bernhard-posselt.com> 2014-02-11 16:05:58 +0100
commit: 6612cde832cee90b033317f17c57cc9f2f68b0a2 (patch)
tree: 1fa2efbe0800224c914f417fd76edc9d1dec58b1
parent: 99af7d32d42d7b77bae4f7747c02db959f35d668 (diff)
fix XSS when importing articles, speed up update and adding of feeds by only purifying content that will be added to the db
-rw-r--r-- CHANGELOG 2
1 files changed, 2 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 2612a65bb..4993f2ffa 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,7 @@
owncloud-news (1.806)
* Disable simple pie sanitation (we use HtmlPurifier) to speed up update
+* Only purify articles if they will be added to the database
+* Fix XSS vulnerability that was caused by not purifing the body of imported articles
owncloud-news (1.805)
* Hide editing tools in invalid feed dialog
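Review bot: the added "Fix XSS vulnerability" entry misspells "purifying" as "purifing" and, for a security fix, does not say which releases were affected, so an administrator reading the 1.806 notes cannot tell whether an installed version needs the upgrade; suggest correcting the spelling and naming the affected versions. The unchanged line above it records that SimplePie sanitation is disabled in this same release, and the other added line limits purification to articles that will be added to the database, which leaves HtmlPurifier as the only sanitizer on every path that stores an article body. This diff touches only CHANGELOG, so whether the import path now has a regression test with a script-bearing article body cannot be confirmed from here; if it does not, it is worth adding one alongside the fix.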