Mercurial > p > roundup > code
annotate doc/sc.txt @ 8356:63390dcfcfe9
bug: fix template use of structure with untrusted data
Looks like an xSS bug with an early version of the template that was
fixed in the code but never in the deployed tracker. It has been a
while since this particular construct has been in the classic template
which is the base for the tracker.
This has been fixed on the deployed tracker as well.
reported by 4bug of ChaMd5 Security Team H1 Group
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 08 Jul 2025 10:23:09 -0400 |
| parents | 09efdecff863 |
| children |
| rev | line source |
|---|---|
|
7787
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
1 .. meta:: |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
2 :description: |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
3 |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
4 Original documentation of the Roundup Issue tracker. Includes |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
5 historic Software Carpentry submissions and a short paper. |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
6 |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
7 =================================== |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
8 Software Carpentry and Short Papers |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
9 =================================== |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
10 |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
11 These papers are the original artifacts of Roundup. They can't be |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
12 included easily in the table of contents for the documentation, so |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
13 they are referenced here. All of these were written by Ka-Ping Yee, |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
14 the original architect of Roundup.. |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
15 |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
16 A few of the pages have been updated to correct links. However you may |
|
8111
394f72021dad
docs: replace redirecting url's with target
John Rouillard <rouilj@ieee.org>
parents:
7787
diff
changeset
|
17 still have to use the `wayback machine <https://web.archive.org>`_ |
|
7787
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
18 to access some of the links on these pages. The papers in |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
19 chronological order are: |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
20 |
|
8349
09efdecff863
docs: remove verb "see" from lists.
John Rouillard <rouilj@ieee.org>
parents:
8111
diff
changeset
|
21 * `A short paper explaining Roundup <roundup_short_paper.html>`_ |
|
7787
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
22 |
|
8349
09efdecff863
docs: remove verb "see" from lists.
John Rouillard <rouilj@ieee.org>
parents:
8111
diff
changeset
|
23 * `The original overview document for Roundup submitted to the |
|
7787
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
24 Software Carpentry competition <original_overview.html>`_ |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
25 |
|
8349
09efdecff863
docs: remove verb "see" from lists.
John Rouillard <rouilj@ieee.org>
parents:
8111
diff
changeset
|
26 * `The original specification document for Roundup submitted to the |
|
7787
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
27 Software Carpentry competition <spec.html>`_ |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
28 |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
29 |