Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
zulip/static
History
Anders Kaseorg 3eb2791c3e CVE-2021-3853: Fix HTML escaping in recipient_row. 
Commit 44f935695d (#20462) incorrectly
added these extra braces while intending to add whitespace control.
This triple-brace syntax was asking Handlebars to skip escaping the
string.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
 		2022-01-18 21:28:21 -08:00
..
assets icons: Set font-display: block for icon font. 2021-08-23 15:59:54 -07:00
audio notificaiton_sounds: Add some atonal sounds created by @stwime. 2021-02-05 12:28:20 -08:00
generated
html templates: Mark all void tags as self-closing. 2021-04-21 09:49:34 -07:00
images policies: Fix typo in Data Processing Addendum. 2021-12-14 23:20:19 -08:00
js topic_list: Fix search box not focused in expanded state. 2022-01-18 16:53:25 -08:00
shared typo: Rename default_hander to default_handler. 2021-12-28 09:19:57 -08:00
styles i18n: Fix 'add choice' / 'add task' button size. 2022-01-18 12:46:45 -08:00
templates CVE-2021-3853: Fix HTML escaping in recipient_row. 2022-01-18 21:28:21 -08:00
third lint: Fix typos found by codespell. 2021-10-19 16:51:13 -07:00
.gitignore dependencies: Replace moment.js with date-fns. 2021-02-05 11:04:32 -08:00