| Age | Commit message | Author | |
|---|---|---|---|
| 2009-08-29 | Have url::site() and other methods return a SafeString, just as t() and t2(). | Andy Staudacher | |
| Benefits: - url::site() is often used in views and we can ensure in the url class that returned strings are indeed safe for use in HTML. Makes the list of vars of unknown safety status shorter. - url::site() is often used as message parameter to t() and t2(). The parameter would be HTML-escaped if it wasn't marked as safe HTML already. Makes the usage simpler / shorter. | |||
| 2009-08-29 | Adding SafeString which is going to replace p::clean() and p::purify(). | Andy Staudacher | |
| Refactoring of Xss_Security_Test. t() and t2() return a SafeString instance. TODO: - Update all code to use SafeString where appropriate. - Update golden file of Xss_Security_Test - Stop reporting CLEAN vars in Xss_Security_Test | |||
| 2009-07-16 | Update Xss_Security_Test to know about p::purify() and checkpoint the | Bharat Mediratta | |
| golden file. | |||
| 2009-06-05 | Remove source code copy artefact | Andy Staudacher | |
| 2009-06-04 | Change "CLEAN" to an empty string to see if it's better visually. | Bharat Mediratta | |
| Looks like it is. | |||
| 2009-05-31 | Update the clean/dirty format, check all files instead of just one (which was for debugging) | Bharat Mediratta | |
| 2009-05-31 | First pass at an XSS security test, along with the "p" helper which | Bharat Mediratta | |
| can clean HTML output. | |||
