diff options
author | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-02-11 16:05:50 +0100 |
---|---|---|
committer | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-02-11 16:05:58 +0100 |
commit | 6612cde832cee90b033317f17c57cc9f2f68b0a2 (patch) | |
tree | 1fa2efbe0800224c914f417fd76edc9d1dec58b1 /CHANGELOG | |
parent | 99af7d32d42d7b77bae4f7747c02db959f35d668 (diff) |
fix XSS when importing articles, speed up update and adding of feeds by only purifying content that will be added to the db
Diffstat (limited to 'CHANGELOG')
-rw-r--r-- | CHANGELOG | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -1,5 +1,7 @@ owncloud-news (1.806) * Disable simple pie sanitation (we use HtmlPurifier) to speed up update +* Only purify articles if they will be added to the database +* Fix XSS vulnerability that was caused by not purifing the body of imported articles owncloud-news (1.805) * Hide editing tools in invalid feed dialog |