DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-11-10 07:34:06 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
snipe-it/app/Http
History
snipe e71e57f16a
Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639) 
* Added enshrined/svg-sanitize

* Added modular image resizing/SVG cleaning method

(This already exists in v5, so I mostly ported it forward and added the SVG sanitizer.)

* Use improved handleImages method to upload/resize/clean images

* Removed $old_image

This is handled in the ImageUpload request now
2019-12-05 22:23:05 -08:00
..
Controllers Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639) 2019-12-05 22:23:05 -08:00
Middleware Set the serialization 2019-05-22 00:51:43 -07:00
Requests Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639) 2019-12-05 22:23:05 -08:00
Traits Fix tests 2018-07-09 21:57:45 -07:00
Transformers Adding Dept to license seats (#7609) 2019-11-21 22:03:56 -08:00
Kernel.php CORS for api (#7292) 2019-07-26 12:38:31 -07:00