Mercurial > p > roundup > code
annotate website/www/docs.txt @ 4851:24b8011cd2dc
Fix XSS in issue2550817
Note that the code that triggers that particular bug is no longer in
roundup core. But the change to the templates we suggest is a *lot*
safer as it always escapes the error and ok messages now.
If you are upgrading: you *MUST* read doc/upgrading.txt and do the
necessary changes to your templates, the escaping now happens in the
template and not in the roundup code. So if you don't make the necessary
changes *you are vulnerable*.
| author | Ralf Schlatterbeck <rsc@runtux.com> |
|---|---|
| date | Fri, 20 Dec 2013 18:24:10 +0100 |
| parents | e793eafba69c |
| children | 29d428927362 |
| rev | line source |
|---|---|
|
4035
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
1 Docs |
|
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
2 ==== |
|
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
3 |
|
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
4 .. toctree:: |
|
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
5 :maxdepth: 2 |
|
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
6 |
|
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
7 docs/features |
|
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
8 docs/installation |
|
4610
e793eafba69c
Documentation: Synced the doc/index.txt and docs.txt. Removed outdated contact.txt.
Bernhard Reiter <bernhard@intevation.de>
parents:
4441
diff
changeset
|
9 docs/upgrading |
|
4035
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
10 docs/FAQ |
|
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
11 docs/user_guide |
|
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
12 docs/customizing |
|
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
13 docs/admin_guide |
|
4441
6c0744fc024e
XML-RPC documentation now linked from the top docs navigation.
Bernhard Reiter <ber@users.sourceforge.net>
parents:
4035
diff
changeset
|
14 docs/xmlrpc |
|
4035
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
15 Design (original) <docs/design> |
|
e4950073153f
Adjust to better sync with roundup docs.
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff
changeset
|
16 docs/developers |
|
4610
e793eafba69c
Documentation: Synced the doc/index.txt and docs.txt. Removed outdated contact.txt.
Bernhard Reiter <bernhard@intevation.de>
parents:
4441
diff
changeset
|
17 docs/tracker_templates |
|
e793eafba69c
Documentation: Synced the doc/index.txt and docs.txt. Removed outdated contact.txt.
Bernhard Reiter <bernhard@intevation.de>
parents:
4441
diff
changeset
|
18 docs/acknowledgements |
|
e793eafba69c
Documentation: Synced the doc/index.txt and docs.txt. Removed outdated contact.txt.
Bernhard Reiter <bernhard@intevation.de>
parents:
4441
diff
changeset
|
19 docs/license |