Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Update AntiXssEncoder.xml for issue 10378#10379

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Open
JeffSchwandt wants to merge1 commit intodotnet:main
base:main
Choose a base branch
Loading
fromJeffSchwandt:main

Conversation

JeffSchwandt
Copy link

@JeffSchwandtJeffSchwandt commentedSep 9, 2024
edited by Rick-Anderson
Loading

Summary

Fixes Issue#10378

  • Corrected examples where (Space) was incorrectly encoded as 
  • Added headings to the example table where they were missing.

Corrected examples of encoding.Added table headings where they were missing.
@dotnet-policy-servicedotnet-policy-servicebot added the community-contributionIndicates that the PR has been added by a community member labelSep 9, 2024
@ghostghost added the area-System.SecurityIssues related to security practices for .NET developers. labelSep 9, 2024
@dotnet-policy-serviceDotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-security,@vcsjones

@JeffSchwandt
Copy link
Author

JeffSchwandt commentedSep 9, 2024
edited
Loading

@dotnet-policy-service agree company="FNF"

@learn-build-service-prodLearn Build Service (PROD)

Learn Build status updates of commit4c9b3d3:

✅ Validation status: passed

FileStatusPreview URLDetails
xml/System.Web.Security.AntiXss/AntiXssEncoder.xml✅SucceededView

For more details, please refer to thebuild report.

For any questions, please:

@@ -180,11 +180,11 @@

|Input examples| Encoded outputs|
|-|-|
|`alert('XSS Attack!');`|`alert('XSS Attack!');`|
|`alert('XSS Attack!');`|`alert('XSSAttack!');`|
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

I don't see the space character listed as a safe character in the table that starts on line 142. Does it need to be added?

Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Reviewers

@gewarrengewarrengewarren left review comments

@Rick-AndersonRick-AndersonAwaiting requested review from Rick-Anderson

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
area-System.SecurityIssues related to security practices for .NET developers.community-contributionIndicates that the PR has been added by a community member
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

2 participants
@JeffSchwandt@gewarren
[8]ページ先頭
©2009-2025 Movatter.jp