• last updated 5 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
- harden page-contracts against injections

- update version dependeny for acs-tcl

- bump version number

- bump version number to 5.8.3d3

    • -2
    • +2
    /openacs-4/packages/acs-tcl/acs-tcl.info
- rename "wordplus" by "token"

- rename "wordplus" by "token"

- add "word" and "wordplus" for page contract filters to improve security

- use plain characters in for page contract filter names

- add word+ page contract

- fix typo

- harden page contract

- add page contract filter for words

- improve message keys

- fix quote

- fix quotes

- fix typo

- improve validity of HTML

- quote HTML attributes

- improve safety of HTML

- quote HTML attributes

- quote HTML attributes

    • -12
    • +12
    /openacs-4/packages/download/www/archive-add.adp
    • -14
    • +14
    /openacs-4/packages/download/www/one-revision.adp
- quote html attributes

    • -10
    • +10
    /openacs-4/packages/bookmarks/www/bookmark-edit.adp
- improve safety of HTML

- quote HTML attributes

    • -9
    • +9
    /openacs-4/packages/wp-slim/www/index.adp
  1. … 13 more files in changeset.
- make HTML valid

- protect against XSS attacks

- quote hrefs

- more sane HTML generation

- fix quoting of attributes

- quote HTML attributes

- make sure to quote hrefs

- ensure quoting of hrefs

- make sure to quote hrefs

- quote HTML attributes

- improve documentation

- add noi18n for symmetry (quote, but no message key substitution)

- add documentation for noquote, literal and noi18n

- bump version number

- remove deprecated calls