Branch: refs/heads/2.0.0
Home:
https://github.com/tribe29/checkmk
Commit: 31fffa1db8fe46073097aa7b127f87de12c85765
https://github.com/tribe29/checkmk/commit/31fffa1db8fe46073097aa7b127f87de1…
Author: Tom Baerwinkel <tom.baerwinkel(a)tribe29.com>
Date: 2021-05-11 (Tue, 11 May 2021)
Changed paths:
M cmk/gui/valuespec.py
Log Message:
-----------
TextUnicode: remove from_html_vars
This is one more step towards TextAscii. get_unicode_input_mandatory
is just an alias for get_str_input_mandatory which TextAscii uses.
As an additional benefit TextUnicode now honors the strip option.
Change-Id: Ie4ebaec5e1b7c0a14093b72423ac8b9b723f355c
Commit: b023ef858157bbb2d678635866aa9666e19d983d
https://github.com/tribe29/checkmk/commit/b023ef858157bbb2d678635866aa9666e…
Author: Tom Baerwinkel <tom.baerwinkel(a)tribe29.com>
Date: 2021-05-11 (Tue, 11 May 2021)
Changed paths:
A .werks/12762
M cmk/gui/htmllib.py
M cmk/gui/plugins/wato/utils/__init__.py
M cmk/gui/valuespec.py
M cmk/gui/wato/mkeventd.py
M cmk/gui/wato/pages/ldap.py
M cmk/gui/wato/pages/tags.py
Log Message:
-----------
Fix several XSS issues
* JavaScript was executed in the rule overview if a script
was entered in the Text to match of EC rules.
* JavaScript was executed if scripts were entered in the LDAP
server and failover server and "Save & Test" was clicked
* JavaScript was executed in the tag overview and notification
rules if sripts were entered in the the title, topic and
help text of aux tags and tags.
FEED-6031
Change-Id: Iffe715253df45434e850fb1c571d41392c68a26c
Compare:
https://github.com/tribe29/checkmk/compare/b526266cdf24...b023ef858157