Mercurial > p > roundup > code
view doc/glossary.txt @ 4851:24b8011cd2dc
Fix XSS in issue2550817
Note that the code that triggers that particular bug is no longer in
roundup core. But the change to the templates we suggest is a *lot*
safer as it always escapes the error and ok messages now.
If you are upgrading: you *MUST* read doc/upgrading.txt and do the
necessary changes to your templates, the escaping now happens in the
template and not in the roundup code. So if you don't make the necessary
changes *you are vulnerable*.
| author | Ralf Schlatterbeck <rsc@runtux.com> |
|---|---|
| date | Fri, 20 Dec 2013 18:24:10 +0100 |
| parents | 25fcb87a8301 |
| children | 6834bb5473da |
line wrap: on
line source
================ Roundup Glossary ================ class a definition of the properties and behaviour of a set of items db (or hyperdb) a collection of items designator a combined class + itemid reference to any item in the hyperdb itemid a numeric reference to a particular item of one class item a collection of data that forms one entry in the hyperdb. property one element of data that makes up an item. In Roundup, the set of item properties may be changed as needed - even after the tracker has been initialised and used in production. schema the definition of all the classes that make up an tracker tracker the schema and hyperdb that forms one issue tracker tracker home the physical location on disk of a tracker ----------------- Back to `Table of Contents`_ .. _`Table of Contents`: index.html