DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-11-09 23:24:06 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
snipe-it/app/Http/Requests
History
snipe e71e57f16a
Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639) 
* Added enshrined/svg-sanitize

* Added modular image resizing/SVG cleaning method

(This already exists in v5, so I mostly ported it forward and added the SVG sanitizer.)

* Use improved handleImages method to upload/resize/clean images

* Removed $old_image

This is handled in the ImageUpload request now
2019-12-05 22:23:05 -08:00
..
AssetCheckinRequest.php Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00
AssetCheckoutRequest.php Validate checkout_to_type on asset checkout 2017-11-27 21:20:12 -08:00
AssetFileRequest.php Fixes #5859 - add file name/size to file upload UI (#5861) 2018-07-16 20:09:53 -07:00
AssetRequest.php Fixes #7252 form request changes (#7272) 2019-07-18 14:32:23 -07:00
CustomFieldRequest.php Fixed - name should always be required in custom fields 2017-11-06 20:05:40 -08:00
ImageUploadRequest.php Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639) 2019-12-05 22:23:05 -08:00
ItemImportRequest.php Check for empty headers in import 2019-03-14 15:38:07 -07:00
Request.php Added better form request handling 2017-01-12 02:20:20 -08:00
SaveUserRequest.php Fixes #7252 form request changes (#7272) 2019-07-18 14:32:23 -07:00
SettingsLdapRequest.php Move LDAP validation into form request 2017-08-31 10:44:00 -07:00
SetupUserRequest.php Fixed #6703 - fixes password confirmation (#6711) 2019-02-13 23:01:19 -08:00