-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathChangeLog
More file actions
executable file
·26 lines (17 loc) · 1.29 KB
/
ChangeLog
File metadata and controls
executable file
·26 lines (17 loc) · 1.29 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
2010-02-17 Thorsten Kahler <thorsten.kahler@dkd.de>
* Security Fix: Check HTML output and tip URL with RemoveXSS
* Documentation: added TS configuration from TSRef
2009-12-17 Thorsten Kahler <thorsten.kahler@dkd.de>
* Security Fix: XSS vulnerability (IE6) in form action generation
* Replaced deprecated usage of split() by preg_split()
* Documentation: manual.sxw repaired; added all chapter headings; added screenshot (from TSref) in "Introduction"
2007-01-23 Andreas Otto <andreas.otto@dkd.de>, Thorsten Kahler <thorsten.kahler@dkd.de>
* Security fixes, class.tx_tipafriend.php, method validate(): A mail injection possibility was detected and removed.
2006-09-02 Rupert Germann <rupi@gmx.li>
* Security fixes: added the function validateUrl() to prevent cross-site-scripting. The function removes all html-tags from the tipUrl parameter and it checks for '"' (doublequote) in tipUrl. Additionally it checks if the given tipUrl belongs to the server to prevent sending urls of foreign servers.
2006-09-02 Michael Stucki <michael@typo3.org>
* Changed path to help image if no CODE was given
* Fixed manual.sxw which was broken in SVN (but not in TER)
2004-08-09 Andreas Otto <andreas.otto@dkd.de>
* Added the TYPO3_version flag.
* Created TYPO3_3_5_0 branch for 3.5.0 backwards compatibility.