amorfo77/sogo
1
0
Fork 0
mirror of https://github.com/inverse-inc/sogo.git synced 2026-05-19 10:25:27 +00:00
Code Issues Projects Releases Wiki Activity

fix(security): Security fix for WSTG-INPV-02. Add XSS protection on folders and mail title / content

Browse Source
This commit is contained in:
smizrahi
2022-11-14 14:36:41 +01:00
parent 967479335c
commit 714acfc838
9 changed files with 91 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
UI/MailPartViewers/UIxMailPartViewer.m
+1 -1
View File
@@ -198,7 +198,7 @@
return [NSDictionary dictionaryWithObjectsAndKeys:
[self className], @"type",
type, @"contentType",
[[self generateResponse] contentAsString], @"content",
[[[self generateResponse] contentAsString] stringWithoutHTMLInjection: NO], @"content",
[self filenameForDisplay], @"filename",
[self preferredPathExtension], @"extension",
[[self sizeFormatter] stringForObjectValue: [bodyInfo objectForKey: @"size"]], @"size",