Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Fix some XSS in v3 #23687

Merged
merged 1 commit into from
Sep 14, 2017
Merged

Fix some XSS in v3 #23687

merged 1 commit into from
Sep 14, 2017

Conversation

Johann-S
Copy link
Member

@Johann-S Johann-S commented Aug 26, 2017
edited by bardiharborow
Loading

@Johann-S Johann-S requested review from mdo and XhmikosR August 26, 2017 09:46
houndci-bot
houndci-bot reviewed Aug 26, 2017
View reviewed changes
js/carousel.js Outdated
@@ -208,8 +208,11 @@
var clickHandler = function (e) {
var href
var $this = $(this)
var $target = $($this.attr('data-target') || (href = $this.attr('href')) && href.replace(/.*(?=#[^\s]+$)/, '')) // strip for ie7
var target = $this.attr('data-target') || (href = $this.attr('href')) && href.replace(/.*(?=#[^\s]+$)/, '') // strip for ie7
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Line is too long.

@Johann-S
Copy link
Member Author

Error in our gh_pages 🤔
https://travis-ci.org/twbs/bootstrap/jobs/268638535#L546

@XhmikosR
Copy link
Member

Yeah, I don't think this branch is right. We have changes in v3-dev branch and that is what you should target.

@Johann-S
Copy link
Member Author

Johann-S commented Aug 26, 2017
edited
Loading

@mdo made a lot of work in this branch see : https://github.com/twbs/bootstrap/commits/v3.4.0-dev
maybe instead you should put your work on this branch

@Johann-S Johann-S force-pushed the v3-xss-data-target branch from 3c3e598 to 603f925 Compare August 26, 2017 09:54
houndci-bot
houndci-bot reviewed Aug 26, 2017
View reviewed changes
js/carousel.js Outdated
@@ -208,8 +208,13 @@
var clickHandler = function (e) {
var href
var $this = $(this)
var $target = $($this.attr('data-target') || (href = $this.attr('href')) && href.replace(/.*(?=#[^\s]+$)/, '')) // strip for ie7
var target = $this.attr('data-target')
|| (href = $this.attr('href')) && href.replace(/.*(?=#[^\s]+$)/, '') // strip for ie7
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Line is too long.

@Johann-S Johann-S force-pushed the v3-xss-data-target branch from 603f925 to d9be1da Compare August 26, 2017 10:00
@XhmikosR
Copy link
Member

But all I'm saying it's just when Mark is done, he should merge his changes in v3-dev. v3.4.0 seems a lot more specific, more of a WIP branch that will be merged to the base v3-dev one when done.

@Johann-S Johann-S merged commit 29f9237 into v3.4.0-dev Sep 14, 2017
@Johann-S Johann-S deleted the v3-xss-data-target branch September 14, 2017 08:07
@rmirre rmirre mentioned this pull request Jan 17, 2018
Closed
@pbr0ck3r pbr0ck3r mentioned this pull request Feb 21, 2018
Closed
@rpkilby rpkilby mentioned this pull request Feb 21, 2018
Closed
@georgeliaw georgeliaw mentioned this pull request Sep 11, 2018
Closed
@stoicflame stoicflame mentioned this pull request Feb 14, 2020
Closed
@github-actions github-actions bot mentioned this pull request Apr 19, 2021
Closed
@Kendzione Kendzione mentioned this pull request Feb 9, 2023
Closed
@AASMACMX AASMACMX mentioned this pull request Feb 26, 2023
Open
@AASMACMX AASMACMX mentioned this pull request Apr 26, 2023
Open
@AASMACMX AASMACMX mentioned this pull request Jul 10, 2023
Open
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@houndci-bot houndci-bot houndci-bot left review comments

@XhmikosR XhmikosR XhmikosR approved these changes

@mdo mdo Awaiting requested review from mdo

Assignees
No one assigned
Labels
js v3
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Johann-S @XhmikosR @houndci-bot