Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SITES-24380 - Checkmarx Vulnerability - OOTB Search.js #2847

Merged
merged 4 commits into from
Sep 10, 2024
Merged

Conversation

LSantha
Copy link
Contributor

@LSantha LSantha commented Sep 4, 2024

  • protecting href in search component search.js against XSS
Q                       A
Fixed Issues? SITES-24380
Patch: Bug Fix? Yes
Minor: New Feature?
Major: Breaking Change? No
Tests Added + Pass? Yes
Documentation Provided Yes (code comments and or markdown)
Any Dependency Changes? No
License Apache License, Version 2.0

 * protecting href in search component search.js against XSS
 * protecting href in search component search.js against XSS
Copy link

codecov bot commented Sep 4, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 87.15%. Comparing base (099ecbd) to head (38eeb94).
Report is 1 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff            @@
##               main    #2847   +/-   ##
=========================================
  Coverage     87.15%   87.15%           
  Complexity     2692     2692           
=========================================
  Files           235      235           
  Lines          7188     7188           
  Branches       1100     1100           
=========================================
  Hits           6265     6265           
  Misses          365      365           
  Partials        558      558           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

 * protecting href in search component search.js against XSS
@LSantha LSantha requested a review from YahorC September 5, 2024 08:29
 * removed url encoding to avoid double encoding
Copy link

sonarcloud bot commented Sep 9, 2024

@LSantha LSantha merged commit e7f0daa into main Sep 10, 2024
14 checks passed
@LSantha LSantha deleted the SITES-24380 branch September 10, 2024 09:03
@LSantha LSantha added this to the 2.27.0 milestone Sep 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants