intercom-rails icon indicating copy to clipboard operation
intercom-rails copied to clipboard

Published 20 hours ago verified publisher icon intercom

Escape intercom settings (XSS).

Open marshall-lee opened this issue 7 years ago • 3 comments

marshall-lee avatar Apr 05 '17 17:04 marshall-lee

@marshall-lee Do you need to be changing the specs for this change? At a glace I'd imagine you're only really wanting to change script_tag.rb. Also CI has failed, need to get this passing I think before anyone will properly look at this and maybe add a comment here as to what you see as the issue.

evolve2k avatar Jul 11 '17 00:07 evolve2k

bump

evolve2k avatar Aug 06 '17 09:08 evolve2k

@evolve2k yes, specs need to be changed because now we encode json differently (escaping has been added). I rebased my branch, now CI fails only on some of the gemfiles.

marshall-lee avatar Aug 06 '17 15:08 marshall-lee