WebWorldWind icon indicating copy to clipboard operation
WebWorldWind copied to clipboard

Published 20 hours ago verified publisher icon NASAWorldWind

Patch for DOMXSS

Open OOCAZ opened this issue 1 year ago • 3 comments

Note: Filling out this template is required. Any pull request that does not include enough information to be reviewed in a timely manner may be closed at the maintainer's discretion.

Description of the Change

Added sanitizing of append

Why Should This Be In Core?

To prevent DOMXSS.

Benefits

The benefits of this patch include extra protection against DOMXSS.

Potential Drawbacks

NA

Applicable Issues

NA

OOCAZ avatar Mar 15 '23 18:03 OOCAZ

Needs more testing, but I believe this is patched in this PR.

OOCAZ avatar Mar 15 '23 18:03 OOCAZ

Ran unit tests and it passes

OOCAZ avatar Mar 20 '23 21:03 OOCAZ

can we get another approver to look at this? @PJHogan?

OOCAZ avatar Mar 27 '23 23:03 OOCAZ