Ori Ratner
Ori Ratner
Just a note, we saw this XSS in the wild in our app. We got lucky because the injected text was only displayed back to the user who had just...
My bad guys. I think I figured out that we had a codepath that was disabling sanitization in this particular scenario. Angular-translate seems to prevent the issue when "escape" is...
We've upgraded to Postgres 12, which entailed adding the new `MATERIALIZED` keyword to many of our CTEs to preserve some intentional optimization fences. This issue has essentially crippled PgAnalyze for...
@lfittl Any update on PG12 support ETA? Didn't see any changes to the linked ticket.
@Koronei Thanks, that's a good idea; unfortunately, these queries are usually pretty fast, but are running often enough to warrant scrutiny in PgAnalyze, e.g.: as possible candidates for caching. @lfittl...
@gdeluna-branch Is the workaround provided by @fcamblor (including the session bug patch from #653) still necessary for GDPR compliance when using the Cordova SDK? We've just submitted an initial integration...
Update: this bug also manifests with a `\transt{}` that is by itself within a MathJax block. See screenshot below, where... 1. The first example is correct, 2. The second is...
@shadinaif @OmarIthawi just wanted to call out this bug, since it might be an easy fix given how simple the workaround is above!
@OmarIthawi no worries, the `{}` workaround keeps us unblocked for now!
This is interesting. Maybe I'm misunderstanding, but how will you be able to know if the comma separated numbers are a single number vs. a list of numbers? E.g.: `(1,234)`...