Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Patches from ShorelineCrypto Open Sourced #382

Open
ShorelineCrypto opened this issue May 23, 2021 · 1 comment
Open

Security Patches from ShorelineCrypto Open Sourced #382

ShorelineCrypto opened this issue May 23, 2021 · 1 comment

Comments

@ShorelineCrypto
Copy link

This is not trying to get support here. This is mainly a feedback of contribution to the opentrade/marycoin eco-system that shorelinecrypto version of opentrade is open sourced today. The SLC version of opentrade is a fork of old version of OpenTrade. So the software base has been changed a lot. However, I do believe that security patches below from SLC version of opentrade can contribute significant security improvement on the current latest opentrade version if those patches can be brought in here.

Here are the security patches from the shorelinecrypto version of opentrade:
source: https://github.com/ShorelineCrypto/opentrade
(1) Extensive security patches on API code where strict regular expression is enforced to deny SQL injection hack in input variables. This mainly is on utils.js and v1.js two files. market/currency etc are checked on this.
(2) Extensive security patches on profile/registration page where strict regular expression is enforced to deny SQL injection hack in username/emails
@ultra-pool
Copy link

Has this been tested lately?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ultra-pool @ShorelineCrypto