Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f351b05031dfeda252518ea66f6e007884aa433d
edx-platform/common/djangoapps
History
Julia Hansbrough f351b05031 Fixing email link injection bug 
Several templates used a variable set by the user (the request host header).  This led to a vulnerability where an attacker could inject their domain name into these templates (i.e., activation emails).  This patch fixes this vulnerability.

LMS-532
2013-12-18 13:38:36 -05:00
..
cache_toolbox
Remove unused imports from common, as reported by pylint.
2013-06-19 16:56:34 -04:00
contentserver
Revert "Revert "Merge pull request #1240 from edx/dhm/config_separation""
2013-10-18 09:22:30 -04:00
course_groups
mitxmako => edxmako
2013-12-03 14:15:09 -05:00
course_modes
Merge pull request #1744 from edx/flowerhack/feature/verified-cert-events
2013-12-10 11:47:47 -08:00
datadog
Remove dogstatsd-python in favor of dogapi
2013-09-11 19:28:58 -04:00
django_comment_common
Change forum role granted to staff on enrollment
2013-12-05 12:54:12 -05:00
django_future
Cleaning up pep8 violations
2012-07-23 14:44:40 -04:00
edxmako
Fixing email link injection bug
2013-12-18 13:38:36 -05:00
external_auth
Merge pull request #1941 from edx/diana/openid-fullname
2013-12-13 07:32:34 -08:00
heartbeat
convert all datetime.now() to datetime.now(UTC)
2013-07-22 17:39:11 -04:00
monitoring
Move libraries that can only be imported in the context of django into common/djangoapps
2012-06-18 13:48:26 -04:00
pipeline_js
mitxmako => edxmako
2013-12-03 14:15:09 -05:00
pipeline_mako
settings.MITX_FEATURES => settings.FEATURES
2013-12-03 15:34:55 -05:00
request_cache
use a request-scoped cache to keep the metadata inheritence tree around for the whole request. This means we should only do one trip to Memcached/Mongo per course per request. This is expected to keep memory utilization down
2013-03-27 22:37:07 -04:00
service_status
Use assertIsInstance.
2013-10-07 18:17:40 -04:00
static_replace
Updating comments and docs for MITx -> edX transition
2013-12-10 13:21:18 -05:00
status
Remove unused imports from common, as reported by pylint.
2013-06-19 16:56:34 -04:00
student
Fixing email link injection bug
2013-12-18 13:38:36 -05:00
terrain
Acceptance tests for grades download
2013-12-09 18:28:41 -05:00
track
Response to CR
2013-12-05 19:14:45 +00:00
util
Fixing email link injection bug
2013-12-18 13:38:36 -05:00
xmodule_modifiers.py
Merge pull request #814 from edx/bugfix/ichuang/make-edit-link-use-static-asset-path
2013-12-10 13:58:13 -08:00