WebUI: Sanitize user-input fields of PRs

Open itaigilo opened this issue 1 year ago • 2 comments

Closes #8203.

Change Description

Adding sanitization for user-input fields of a PR, to prevent malicious attacks. Currently it's only relevant for title + description when creating a PR.

Using the very popular DOMPurify package.

Testing Details

Verified manually that PR creation still works.

itaigilo, Oct 08 '24 19:10

E2E Test Results - DynamoDB Local - Local Block Adapter

13 passed

github-actions[bot], Oct 08 '24 19:10

E2E Test Results - Quickstart

11 passed

github-actions[bot], Oct 08 '24 19:10