Commit Graph

25 Commits

Author SHA1 Message Date
Azan Bin Zahid
705253e20a chore: update thresholds after IM security fixes 10 2021-04-06 15:40:04 +05:00
Ali-D-Akbar
bea2b12095 update thresholds after IM security fixes 9 2021-02-17 14:58:33 +05:00
Ali-D-Akbar
da1330de9e update thresholds after IM security fixes 8 2021-02-08 22:27:21 +05:00
Ali-D-Akbar
05bc0b9273 update thresholds after IM security fixes 7 2021-02-04 09:50:20 +05:00
Ali-D-Akbar
5daea1401e update threshold after IM security fixes 6 2021-02-01 12:50:26 +05:00
Ali-D-Akbar
4f2db21363 update thresholds after IM security fixes 5 2021-01-20 00:36:37 +05:00
Ali-D-Akbar
aa6da77c4e update thresholds after IM security fixes 4 2021-01-11 15:02:29 +05:00
Ali Akbar
40fdf46f81 update after IM security fixes 3 (#25983) 2021-01-05 16:12:05 +05:00
Ali-D-Akbar
bd13b59254 match the defined thresholds with the current violations on master 2020-12-11 02:06:09 +05:00
Samuel Walladge
43f0cd72af Merge remote-tracking branch 'origin/master' into samuel/fix-unescaped-selector 2020-06-16 09:52:38 +09:30
Waheed Ahmed
c7f4e16470 Fix XSS lint issues for course_cta_text
PROD-1602
2020-05-21 12:51:07 +05:00
Samuel Walladge
71fcf6e725 Fix issues with xss linters
Improve accuracy of javascript-escape linter: Previously this would
match on FOOescape() and FOO.escape calls, but neither are the global
escape function we are worried about.

The regex probably isn't 100% accurate; there may be still false
positives (javascript allows a large range of characters in identifiers,
some of which may not be covered by [\w.$]). The main thing is to avoid
false negatives here though - this will definitely catch any use of
`escape()` or `window.escape()`.

Also remove javascript-interpolate lint - this was deemed unnecessary.
StringUtils.interpolate is not in fact safe (it does no html escaping),
so the results of this lint are misleading.
2020-05-04 09:27:18 +09:30
Feanil Patel
189b135c37 Update linting threshold since master is broken. 2019-08-08 15:14:42 -04:00
Adeel Khan
477963bcfc Update linter threshold and add new violations. 2019-08-07 02:34:25 +05:00
Jeremy Bowman
f9929f32b5 Update quality threshold counts (#20681) 2019-05-24 08:27:54 -04:00
Robert Raposa
0339bb8783 Reduce xsslint thresholds. 2019-02-25 12:13:48 -05:00
Robert Raposa
3bb6352bc2 Lowering xss thresholds 2018-01-29 10:20:33 -05:00
Eric Fischer
3687d6aa62 fix a few xss errors 2017-12-04 11:56:26 -05:00
Eric Fischer
bc8fa5eaaa unbreak master tests 2017-11-30 11:03:41 -05:00
Robert Raposa
1fdba18502 Lower thresholds. 2017-11-20 10:27:51 -05:00
Robert Raposa
1936ab6f5c Lower xss thresholds. 2017-09-11 12:17:38 -04:00
Robert Raposa
8f184c257d Reduce xss lint thresholds. 2017-08-28 09:20:17 -04:00
Matthew Piatetsky
68772316ef Change make missing default threshold 2017-08-23 16:09:02 -04:00
Robert Raposa
cbcc8d4d18 Reduce xss thresholds. 2017-07-05 10:12:26 -04:00
Robert Raposa
168a45b482 Part I: Rename xss-linter (files only).
This requires the next commit to work, but needed to be
in a separate commit to keep history.
2017-06-30 13:18:50 -04:00