added xss links, cleaned up todo

This commit is contained in:
Bernhard Posselt
2012-10-29 12:38:58 +01:00
parent 45caf0164c
commit 873bbfcb18


@@ -4,7 +4,7 @@ Templates
Owncloud uses its own templating system.
TODO: disallow print(), echo, and php template printing, check not using filesystem traversal in link_to and image_path, check for accuracy, easy_install -U sphinxcontrib-phpdomain
TODO: Security: disallow print(), echo, <?=, error_log()
Template class
--------------
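Review bot: the new TODO drops the "check not using filesystem traversal in link_to and image_path" item from the old line without any change in this diff that addresses it; if the traversal check is still open, keep it as a separate TODO rather than folding it away under "Security". Also, error_log() writes to the server log rather than the HTTP response, so it belongs in a different category from print(), echo and <?=, which are the raw-output paths that bypass template escaping; the TODO reads better if it says why the raw-output functions are disallowed (all output in templates must go through the framework's escaping helper) and lists error_log() separately as a logging/information-disclosure concern. Finally, the file title says "Templates" while the text says "Owncloud"; the project name is spelled "ownCloud" elsewhere.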
@@ -115,4 +115,6 @@ TBD
Further reading
---------------
TODO: XSS links
http://en.wikipedia.org/wiki/Cross-site_scripting
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29
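Review bot: the three links are bare URLs with no hint of which one a template author should read first; a short label per entry ("overview", "why blacklist filtering fails", "attack catalogue") would make the "Further reading" list usable, and the Wikipedia entry should use https like the two OWASP entries. Note also that XSS_Filter_Evasion_Cheat_Sheet is an attacker-side reference for bypassing output filters; for a templating doc whose point is that developers must escape output, the OWASP XSS Prevention Cheat Sheet is the more directly applicable resource and is worth adding alongside it. The reStructuredText section would also render the URLs as one paragraph unless they are a bullet list (`- https://...`) or separated by blank lines.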