discourse

mirror of https://github.com/discourse/discourse.git synced 2024-11-27 03:10:46 -06:00

History

Roman Rizzi df3eb93973 DEV: Sanitize HTML admin inputs (#14681 ) * DEV: Sanitize HTML admin inputs This PR adds on-save HTML sanitization for: Client site settings translation overrides badges descriptions user fields descriptions I used Rails's SafeListSanitizer, which [accepts the following HTML tags and attributes](`018cf54073/lib/rails/html/sanitizer.rb (L108)`) * Make sure that the sanitization logic doesn't corrupt settings with special characters		2021-10-27 11:33:07 -03:00
..
assets	DEV: nullify cachedCookFunction to prevent retains (#14737 )	2021-10-27 16:29:36 +02:00
controllers
helpers
jobs
mailers
models	DEV: Sanitize HTML admin inputs (#14681 )	2021-10-27 11:33:07 -03:00
serializers
services
views	FIX: improvements for download local dates (#14588 )	2021-10-14 09:22:44 +11:00