github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2025-01-16 16:12:35 +00:00
Code Issues Projects Releases Packages Wiki Activity
overleaf/services/web/public/coffee/main
History
Shane Kilkelly 7f7b10aa09 Sanitize display of system messages. 
When showing system-messages, use default Angular sanitizer, also,
on the admin panel itself, show the verbatim text of the message.

This solves a mild Stored-XSS vulnerability whereby a user could
put `<script>` tags in a message. We don't want that, but we do want
to be able to use basic html tags.
2018-08-22 10:15:50 +01:00
..
affiliations Move default email checking logic into the data service. 2018-08-20 12:15:15 +01:00
project-list
subscription
account-settings.coffee Move default email checking logic into the data service. 2018-08-20 12:15:15 +01:00
account-upgrade.coffee
announcements.coffee
annual-upgrade.coffee
bonus.coffee
clear-sessions.coffee
contact-us.coffee
event.coffee
group-members.coffee
keys.coffee
learn.coffee
new-subscription.coffee Handle sixpack timeouts and include variant in metabase segmentation 2018-08-17 10:29:45 -05:00
plans.coffee Handle sixpack timeouts and include variant in metabase segmentation 2018-08-17 10:29:45 -05:00
register-users.coffee
scribtex-popup.coffee
subscription-dashboard.coffee
system-messages.coffee Sanitize display of system messages. 2018-08-22 10:15:50 +01:00
templates.coffee
translations.coffee
user-details.coffee