BigW Consortium Gitlab

  1. 16 Mar, 2018 5 commits
  2. 06 Mar, 2018 1 commit
  3. 01 Mar, 2018 3 commits
  4. 27 Feb, 2018 2 commits
  5. 07 Feb, 2018 1 commit
  6. 05 Feb, 2018 2 commits
  7. 02 Feb, 2018 1 commit
  8. 01 Feb, 2018 2 commits
    • Fix stored XSS in code blocks · dd7416a6
      Sean McGivern authored
      There were three things here:
      
      1. Display math was broken.
      2. <script> tags could be injected into code blocks with the language as `math`,
         `mermaid`, or `plantuml`.
      3. <script> tags could be injected if Rouge threw an exception, for whatever
         reason.
      
      This fixes all of those by always using the same code path for 'standard'
      highlighting and 'special' languages (mathematics, Mermaid, and PlantUML), and
      skipping the filter entirely if Rouge fails on a retry with the plain text
      filter. It also adds specs for KaTeX and Mermaid rendering.
    • Merge branch 'fix-mermaid-xss-10-3' into 'security-10-3' · fb829ac5
      Sean McGivern authored
      [10.3] Fix stored XSS in code blocks
      
      See merge request gitlab/gitlabhq!2317
  9. 31 Jan, 2018 3 commits
  10. 22 Jan, 2018 4 commits
  11. 19 Jan, 2018 16 commits