george/PrivateBin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

XSS flaw correction

Browse Source 
With a client IE < 10 there was a XSS security flaw. Other browsers were
not affected.
Also corrected spacing display with IE<10.

(cherry picked from commit 28813cd82ae47e556b610da3c7302a6709e27431)

Conflicts:
	CHANGELOG.md
	index.php
	js/zerobin.js
	lib/vizhash16x16.php
This commit is contained in:
Sebastien SAUVAGE
2013-07-05 01:14:23 +02:00
committed by El RIDO
parent d9930978ba
commit bc8b23d35e
16 changed files with 23 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG.md
View File

@@ -63,4 +63,7 @@
* ADDED: Better json checking (including entropy).
* ADDED: Added version to js/css assets URLs in order to prevent some abusive caches to serve an obsolete version of these files when ZeroBin is upgraded.
* "Burn after reading" option has been moved out of Expiration combo to a separate checkbox. Reason is: You can prevent a read-once paste to be available ad vitam eternam on the net.
* **Alpha 0.19 (2013-07-05)**:
* Corrected XSS security flaw which affected IE<10. Other browsers were not affected.
* Corrected spacing display in IE<10.