forked from OpenNeo/impress
Matchu
5601511ad5
This one was actually pretty darn clever - nobody's abused it, but I was reading a blog post where someone described this type of issue, I realized it was a brilliant attack, and then realized DTI was vulnerable. Oops. Thanks for the solution, Jamie! http://jamie-wong.com/2012/08/22/what-i-did-at-khan-academy/#XSS+Fix |
||
---|---|---|
.. | ||
application_helper.rb | ||
broken_image_reports_helper.rb | ||
closet_hangers_helper.rb | ||
closet_lists_helper.rb | ||
closet_pages_helper.rb | ||
contribution_helper.rb | ||
item_zone_sets_helper.rb | ||
items_helper.rb | ||
outfits_helper.rb | ||
static_helper.rb |