- May 02, 2019
-
-
Antoine Lambert authored
Related T1508
-
Antoine Lambert authored
Related T1419
-
Antoine Lambert authored
-
Antoine Lambert authored
HTML rendering of Jupyter notebook is now integrated in browse content views with support for: - markdown rendering - code highlighting - math typesetting - ANSI color escape codes Nevertheless, the dynamic loading part of a notebook content (external scripts for instance) has been disabled through XSS filtering. Closes T1641
-
Antoine Lambert authored
- remove inlined webpack loader calls from module names - allow to reference external loaded scripts in the additionalScripts plugin option
-
- Apr 27, 2019
-
-
Kalpit Kothari authored
Summary: Related T1690 Added client side xss filter > Save code now is vulnerable to XSS attack. > > Steps to reproduce- > > Remove the validation from client side (with dev tools) > Enter this url in origin url > > https://github.com/%3Cscript%3Ealert(document.domain);%3C/script%3E > > We should add more validations at the server side to prevent such urls from entering into the database. For server side validations, I was thinking of preventing regex /.*(%3C).*(%3E)/ and /.*(javascript:).*/ There may be a few more cases we need to take care of. Or should we check if the url returns 200 or not before entering it to the table. Reviewers: #reviewers, anlambert Reviewed By: #reviewers, anlambert Subscribers: anlambert, vlorentz Differential Revision: https://forge.softwareheritage.org/D1433
-
- Apr 24, 2019
-
-
Antoine Lambert authored
-
- Apr 23, 2019
-
-
Antoine Lambert authored
Closes T1655
-
- Apr 19, 2019
-
-
Antoine Lambert authored
- put related code in a dedicated file - use a XSS filtering hook to fix some image relative src urls included in README HTML rendering (load image bytes from the archive content if available) - remove previoulsy introduced hacks in Python code as correct image loading in README HTML rendering is now handled client-side by the feature described above Related T1641
-
- Apr 18, 2019
-
-
Antoine Lambert authored
- ensure Alegreya font can not be overriden by other css rules - remove container padding to gain some horizontal display space
-
Antoine Lambert authored
-
- Apr 17, 2019
-
-
Antoine Lambert authored
- harmonize metadata field names and rename/remove/add some - factorize and cleanup link generation code - remove some dead code
-
Antoine Lambert authored
-
- Apr 15, 2019
-
-
Antoine Lambert authored
-
Antoine Lambert authored
Also apply XSS filtering for all supported README types: markdown, rst, org. Closes T1642
-
- Apr 12, 2019
-
-
Nicolas Dandrimont authored
-
- Apr 10, 2019
-
-
Antoine Lambert authored
-
Antoine Lambert authored
Closes T1639
-
- Apr 09, 2019
-
-
Antoine Lambert authored
-
Antoine Lambert authored
-
Antoine Lambert authored
-
- Apr 05, 2019
-
-
Antoine Lambert authored
-
Kalpit Kothari authored
Reviewers: #reviewers, anlambert Reviewed By: #reviewers, anlambert Subscribers: anlambert Differential Revision: https://forge.softwareheritage.org/D1339
-
- Apr 04, 2019
-
-
Kalpit Kothari authored
Reviewers: #reviewers, anlambert Subscribers: anlambert Differential Revision: https://forge.softwareheritage.org/D1339 Add docstring update docstring
-
- Apr 03, 2019
-
-
Augustine Tharakan authored
-
- Apr 01, 2019
-
-
Antoine Lambert authored
-
Summary: The checkboxes are not aligned with the text in the Search feature in swh-web project. Fixes T1615 with the checkboxes aligned with text. Made changes in the webapp.css file. Reviewers: #reviewers, anlambert Subscribers: anlambert Maniphest Tasks: T1615 Differential Revision: https://forge.softwareheritage.org/D1323
-
Antoine Lambert authored
-
- Mar 30, 2019
-
-
Summary: While rendering readme, scripts were also being executed. Example - https://archive.softwareheritage.org/browse/origin/https://github.com/kalpitk/test/directory/ and https://archive.softwareheritage.org/browse/revision/8428612a5f8d115deff9463fdff6da62d2fc6091/?origin=https://github.com/kalpitk/test Reviewers: #reviewers Differential Revision: https://forge.softwareheritage.org/D1322
-
- Mar 29, 2019
-
-
Summary: Add searchDelay of 1s to DataTable Reviewers: #reviewers, anlambert Reviewed By: #reviewers, anlambert Subscribers: anlambert Differential Revision: https://forge.softwareheritage.org/D1317
-
Antoine Lambert authored
-
Antoine Lambert authored
-
Antoine Lambert authored
-
- Mar 27, 2019
-
-
Heap permutation for more than 8 strings takes high amount of memory and can make browsers crash
-
Antoine Lambert authored
-
Antoine Lambert authored
This may be useful to remove junk requests but also to resolve some issues when swh scheduler has issues in production
-
-
Antoine Lambert authored
To ease copy/paste of source code or web api response for instance, add the possibility to select the whole content of a code/pre element using double click or the following procedure: 1. click inside the code/pre element to make it the focus 2. hit Ctrl+A to select all its textual content
-
- Mar 25, 2019
-
-
Antoine Lambert authored
See https://github.com/wcoder/highlightjs-line-numbers.js/pull/62 for more details.
-
- Mar 15, 2019
-
-
Antoine Lambert authored
-