openstack
/
manila-ui
Code Issues Proposed changes
manila-ui/manila_ui/dashboards/project/shares
History
Valeriy Ponomaryov fca19a1b0d Fix metadata_to_str function code injection vulnerability 
It is possible to inject HTML/JavaScript code into shares table
member page setting metadata to shares and share types table admin page
setting extra specs. So, escape HTML-specific symbols in output
string of 'metadata_to_str' function to make it interpreted
as string and not as code.

Change-Id: Ied567e06d91941e9aaac7d3117e03cd1770fb75e
Security-Fix
Closes-Bug: #1597738
 		2016-09-28 14:53:11 +03:00
..
replicas Read list of AZs using manila's API instead of nova's 2016-09-12 14:54:52 +03:00
security_services Merge "Fix tables layout" 2016-08-30 12:55:53 +00:00
share_networks Merge "Fix tables layout" 2016-08-30 12:55:53 +00:00
shares Fix metadata_to_str function code injection vulnerability 2016-09-28 14:53:11 +03:00
snapshots Table actions improvement 2016-07-27 12:44:46 +03:00
templates/shares Add Share Migration support 2016-09-01 10:57:55 -03:00
__init__.py Fix get_disabled_quotas 2016-08-11 12:02:54 +03:00
panel.py Remove vim headers 2016-07-12 12:33:36 +03:00
urls.py Add share replication support 2016-08-30 17:05:40 +03:00
views.py Remove incorrect docstrings 2016-07-26 13:25:25 +03:00