dice/impress
1
0
Fork 0
forked from OpenNeo/impress
Code Pull requests Activity
impress/app/views
History
Matchu 5601511ad5 xss vulnerability in outfits#show 
This one was actually pretty darn clever - nobody's abused it, but
I was reading a blog post where someone described this type of
issue, I realized it was a brilliant attack, and then realized
DTI was vulnerable. Oops. Thanks for the solution, Jamie!

http://jamie-wong.com/2012/08/22/what-i-did-at-khan-academy/#XSS+Fix
2012-10-20 17:56:38 -05:00
..
broken_image_reports carrierwave for asset swfs 2012-07-16 16:45:26 -04:00
closet_hangers filter lists on petpage export 2012-04-08 15:59:51 -05:00
closet_lists improve closet performance by caching item link 2012-08-09 19:34:56 -04:00
contributions give user paths a canonical tag 2011-07-26 18:56:14 -04:00
items better cache items#show 2012-08-10 00:02:11 -04:00
layouts add thumbnails to outfits#show via open graph 2012-07-29 16:45:12 -04:00
neopets_pages import sdb as well as closet 2011-08-02 22:42:56 -04:00
neopets_users import items from pets 2011-08-03 11:35:06 -04:00
outfits xss vulnerability in outfits#show 2012-10-20 17:56:38 -05:00
pets fix logout bug: stop caching authenticity_token fields 2012-08-07 17:32:51 -04:00
sitemap dynamic robots.txt to refer to sitemap.xml 2011-05-20 20:59:35 -04:00
static oops, remove maintenance message 2012-01-26 13:30:12 -06:00
users top contributors 2010-11-06 12:15:10 -04:00