FORMS-15852 xss security fix for svg upload in file attachment #1462

Merged
merged 6 commits into from
Oct 28, 2024

Conversation

rajatofficial
Contributor

Description

Related Issue

Motivation and Context

How Has This Been Tested?

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • I have signed the Adobe Open Source CLA.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes and the overall coverage did not decrease.
  • All unit tests pass on CircleCi.
  • I ran all tests locally and they pass.

@adobe-bot

Accessibility Violations Found

Id Impact
focus-order-semantics minor
label-title-only serious
landmark-one-main moderate
region moderate
target-size serious

@adobe-bot

Lighthouse scores (mobile)

Performance Accessibility Best-Practices SEO
Scores 94 96 96 75

@adobe-bot

Lighthouse scores (desktop)

Performance Accessibility Best-Practices SEO
Scores 100 96 96 75

@adobe-bot

Accessibility Violations Found

Id Impact
label-title-only serious
target-size serious

@adobe-bot

Lighthouse scores (mobile)

Performance Accessibility Best-Practices SEO
Scores 92 96 96 75

@adobe-bot

Lighthouse scores (mobile)

Performance Accessibility Best-Practices SEO
Scores 95 96 96 75

@adobe-bot

Lighthouse scores (mobile)

Performance Accessibility Best-Practices SEO
Scores 93 96 96 75

@rismehta rismehta merged commit 6bbccfc into dev Oct 28, 2024
10 checks passed
@rismehta rismehta deleted the xssFixSVG branch October 28, 2024 08:00
anshikag-adobe pushed a commit that referenced this pull request Oct 29, 2024
* FORMS-15852 xss fix for svg upload in file upload

* FORMS-15852 xss fix for svg upload in file upload II

* FORMS-15852 xss fix for svg upload in file upload main

* FORMS-15852 xss fix for svg upload in file upload main II

* FORMS-15852 xss fix for svg upload in file upload main II

* FORMS-15852 xss fix for svg upload in file upload main II

---------

Co-authored-by: Rajat Khurana <rajatkhurana@adobe.com>
sakshi-arora1 pushed a commit that referenced this pull request Dec 3, 2024
* fixing flaky test (#1450)

Co-authored-by: Shivam Agarwal <shivama@adobe.com>

* Fixing vulnerability in GH action (#1452)

* Translation support for strings in switch (#1456)

Co-authored-by: Pavitra Khatri <pavitrakhatri@pavitras-mbp.corp.adobe.com>

* Configured custom validation messages in file attachment (#1459)

Co-authored-by: Pavitra Khatri <pavitrakhatri@pavitras-mbp.corp.adobe.com>

* Fixing gh workflow (#1460)

* Fixing gh workflow

* Fixing GH actions

* Move areOptionsRichText above Options (#1465)

* FORMS-17046 Focus on panel with static text not working via custom function (#1464)

* Focus on panel with static text not working via custom function

* Fixing test

* FORMS-15852 xss security fix for svg upload in file attachment (#1462)

* FORMS-15852 xss fix for svg upload in file upload

* FORMS-15852 xss fix for svg upload in file upload II

* FORMS-15852 xss fix for svg upload in file upload main

* FORMS-15852 xss fix for svg upload in file upload main II

* FORMS-15852 xss fix for svg upload in file upload main II

* FORMS-15852 xss fix for svg upload in file upload main II

---------

Co-authored-by: Rajat Khurana <rajatkhurana@adobe.com>

* FORMS-17068 Fetch custom properties from CoreComponentCustomPropertiesProvider which are behind FT and make part of FormContainer get properties. (#1467)

Also updated Forms SDK version

* sanitized text should have target attribute in links (#1463)

* sanitized text should have target attribute in links

* catering comments

* correcting test case

* catering comments

---------

Co-authored-by: Shivam Agarwal <shivama@adobe.com>

* FORMS-17091 initializing label in button view (#1471)

Co-authored-by: Shivam Agarwal <shivama@adobe.com>

* Fixing GH workflow (#1472)

* [FORMS-13474] HTML5 datalist enhancement in dropdown component (#1470)

* Adding new custom property for enable suggestions in bundles

* Junit test cases to cover Enable Suggestions and Multi Selection in Dropdown

* HTL template change + listener on checkbox

* Cypress test for enable suggestions

* Cypress test for enable suggestions

* Remove enableSuggestions from JSON

* Remove enableSuggestions from JUnit dropdown test json

* Cypress tests for dropdown with autocomplete

* Cypress tests for dropdown with autocomplete

* Update classname for datalist

* More Test cases to cover different values of enableSuggestions

* Remove extra code

* Simplified the return in enableSuggestions

* Remove JsonIgnore annotation

* JavaDoc for isEnableSuggestions

* Bump up the minor version in package-info

* Sort imports in dropdownimpl

* custom function registration using action url from backend (#1469)

* custom function registration using action url from backend

custom function registration using action url from backend

 custom function registration using action url from backend

* custom function registration using action url from backend

custom function registration using action url from backend

 custom function registration using action url from backend

* custom function registration using action url from backend

* custom function registration using action url from backend

* custom function registration using action url from backend

* custom function registration using action url from backend - reusing the existing function

* custom function registration using action url from backend - marked existing function as deprecated

custom function registration using action url from backend - marked existing function as deprecated

* Update FormContainer.java

* formatting only

* Update utils.js

---------

Co-authored-by: Rishi Mehta <69448117+rismehta@users.noreply.github.com>

* Revert "[FORMS-13474] HTML5 datalist enhancement in dropdown component (#1470)"

This reverts commit ac662e9.

* Moving CI to latest rotary image (#1475)

* using latest rotary image

* Fixing version

* @releng [maven-scm] :prepare release core-forms-components-reactor-3.0.72

* @releng [maven-scm] :prepare for next development iteration

* Update VERSIONS.md and README.md to include version 3.0.72

* Theme Editor POC CC Style Configs

* Fixed minor bug for base error class selector

* Adding style config for hCaptcha and reCaptcha

* Updating style for Buttons

* Updating style for Footer

* Updated style for Checkbox

* Updating style for input components

* Updating style for file input

* Updating style for image

* Updating style for radio button

* Updating style for switch

* Updating style for tnc

* Updating style for captcha

* Updating style for email and accordion

* Updating style for wizard

* Updating style for tabsontop

* Updating style for vertical tabs

* Updating style for panel container

* Updating themeConfig of container

* updating style for base

* Updating ids for theme editor support

* Updating reference to core components

* Clientlib changes

* Updating labels for UI

* Removing GuideException

* Additions in CheckboxGroup style config

* Updating VERTICAL and HORIZONTAL classes for checkbox and radiobutton

* Updating errormessage div styles for components

* Updating error and success states for components

---------

Co-authored-by: Shivam Agarwal <47965724+im-shiv@users.noreply.github.com>
Co-authored-by: Shivam Agarwal <shivama@adobe.com>
Co-authored-by: Rishi Mehta <69448117+rismehta@users.noreply.github.com>
Co-authored-by: pavi41 <82104752+pavi41@users.noreply.github.com>
Co-authored-by: Pavitra Khatri <pavitrakhatri@pavitras-mbp.corp.adobe.com>
Co-authored-by: anshikag-adobe <anshikag@adobe.com>
Co-authored-by: Rajat Khurana <30727855+rajatofficial@users.noreply.github.com>
Co-authored-by: Rajat Khurana <rajatkhurana@adobe.com>
Co-authored-by: Pankaj Girotra <126753223+girotraapankaj@users.noreply.github.com>
Co-authored-by: Barshat Rai <barshatrai99@gmail.com>
Co-authored-by: Rishi Mehta <rismehta@adobe.com>
Co-authored-by: ci-build <ci-build@aemforms>
Co-authored-by: Muskan Gupta <muskgupta@Muskans-MacBook-Pro.local>