MeshCentral/views at 9f8ea3a6b51ddf328c7b5d757259eb0c588fce4a - MeshCentral - Leffler.Media Gitea

MyFavMirrors/MeshCentral

mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-02-05 02:38:05 -05:00

History

Josiah Baldwin 04c96eb2ff

Fix/xss (#6403 )

* Fixed filenames not being escaped when editing files

This allowed a possible XSS by naming a file in a particular way on your device.

* Fixed HTML generation in webserver not escaping most things from req.query

This would allow XSS through a very simple phishing attack

* Added HtmlEscape to Mobile default as well

* Added sanitization to SAML redirect and Twitter/Azure

2024-09-26 21:09:34 -07:00

..

agentinvite.handlebars

show seperate macos mpkgs in web ui #6308

2024-08-06 15:33:49 +01:00

default-mobile.handlebars

Fix/xss (#6403 )

2024-09-26 21:09:34 -07:00

default.handlebars

Fix/xss (#6403 )

2024-09-26 21:09:34 -07:00

download2.handlebars

Added BREACH attack mittigation, #4084

2022-06-08 10:47:23 -07:00

download.handlebars

Added BREACH attack mittigation, #4084

2022-06-08 10:47:23 -07:00

error404-mobile.handlebars

Version 0.9.67

2022-01-10 18:02:19 -08:00

error404.handlebars

Added BREACH attack mittigation, #4084

2022-06-08 10:47:23 -07:00

error4042.handlebars

Improved 404 pages to support tight Content-Security-Policy HTTP headers.

2022-01-10 01:26:45 -08:00

invite.handlebars

Added BREACH attack mittigation, #4084

2022-06-08 10:47:23 -07:00

login2.handlebars

display flash errors for external auths like saml or oidc on the login screen #6154

2024-06-11 20:06:19 +01:00

login-mobile.handlebars

display flash errors for external auths like saml or oidc on the login screen #6154

2024-06-11 20:06:19 +01:00

login.handlebars

display flash errors for external auths like saml or oidc on the login screen #6154

2024-06-11 20:06:19 +01:00

message2.handlebars

Added BREACH attack mittigation, #4084

2022-06-08 10:47:23 -07:00

message.handlebars

Added BREACH attack mittigation, #4084

2022-06-08 10:47:23 -07:00

messenger.handlebars

fix webrtcconfig and allow stun servers #6309

2024-09-03 13:42:06 +01:00

mstsc.handlebars

Added BREACH attack mittigation, #4084

2022-06-08 10:47:23 -07:00

player.handlebars

fix player text align

2023-10-24 11:10:47 +01:00

sharing-mobile.handlebars

fix webrtc file upload maybe #6309

2024-09-03 14:46:25 +01:00

sharing.handlebars

add new line break feature to file edit #6365

2024-09-08 20:11:06 +01:00

ssh.handlebars

Fixed SSH with xterm.js (#4668 )

2022-10-25 09:58:04 -07:00

terms-mobile.handlebars

Agent core download and reverse proxy improvements.

2020-11-30 13:20:31 -08:00

terms.handlebars

Added BREACH attack mittigation, #4084

2022-06-08 10:47:23 -07:00

xterm.handlebars

fix writeUtf8 for ssh player

2023-09-20 19:40:58 +01:00