d40e9056bc
* fix(lib): block XSS attacks via nonstandard URLs This could allow an attacker to craft an Anubis pass-challenge URL that forces a redirect to nonstandard URLs, such as the `javascript:` scheme which executes arbitrary JavaScript code in a browser context when the user clicks the "Try again" button. Release-status: cut Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>
7 lines
No EOL
48 B
Text
7 lines
No EOL
48 B
Text
github
|
|
https
|
|
ssh
|
|
ubuntu
|
|
workarounds
|
|
rjack
|
|
msgbox |