HomePhabricator

(bug 42202) Validate editfont before embedding it in CSS
6790a0ce962fUnpublished

Unpublished Commit · Learn More

Repository Importing: This repository is still importing.

Description

(bug 42202) Validate editfont before embedding it in CSS

If the editfont preference somehow had a value like "foo; color: blue",
we have a CSS injection problem. Normally preference validation should
protect against that, but the API module for setting preferences doesn't
perform any validation.

Change-Id: I5c12aa9a48bf4f6ea4a8fb44554d13189e7757fb

Details

Provenance
CatropeAuthored on
csteippCommitted on Nov 29 2012, 9:51 PM
Parents
rMW68c1489ca1f9: (bug 40995) Refresh SessionId on login
Branches
Unknown
Tags
Unknown
ChangeId
I5c12aa9a48bf4f6ea4a8fb44554d13189e7757fb