You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In order to secure encode data for model usage the after find event will encode data in text and textarea plugins. When data is not populated trough database (example creating a new model -> save and access/dump/embed user the model values) the input data is not auto encoded this makes xss injection possible when encoding is not done by yourself inside the application.
In order to prevent this the following events will force encoding of the values:
after insert
after update
after refresh
The text was updated successfully, but these errors were encountered:
In order to secure encode data for model usage the after find event will encode data in text and textarea plugins. When data is not populated trough database (example creating a new model -> save and access/dump/embed user the model values) the input data is not auto encoded this makes xss injection possible when encoding is not done by yourself inside the application.
In order to prevent this the following events will force encoding of the values:
The text was updated successfully, but these errors were encountered: