cordova-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mwbro...@apache.org
Subject [3/6] docs commit: [CB-4203] need to avoid script injection
Date Mon, 21 Oct 2013 21:38:11 GMT
[CB-4203] need to avoid script injection


Project: http://git-wip-us.apache.org/repos/asf/cordova-docs/repo
Commit: http://git-wip-us.apache.org/repos/asf/cordova-docs/commit/824a7899
Tree: http://git-wip-us.apache.org/repos/asf/cordova-docs/tree/824a7899
Diff: http://git-wip-us.apache.org/repos/asf/cordova-docs/diff/824a7899

Branch: refs/heads/master
Commit: 824a789934a0c2780d04bbd5289bc6f914ab6197
Parents: 4fa156e
Author: Mike Sierra <msierra@adobe.com>
Authored: Mon Sep 30 14:16:29 2013 -0400
Committer: Michael Brooks <michael@michaelbrooks.ca>
Committed: Mon Oct 21 14:38:00 2013 -0700

----------------------------------------------------------------------
 docs/en/edge/guide/appdev/whitelist/index.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cordova-docs/blob/824a7899/docs/en/edge/guide/appdev/whitelist/index.md
----------------------------------------------------------------------
diff --git a/docs/en/edge/guide/appdev/whitelist/index.md b/docs/en/edge/guide/appdev/whitelist/index.md
index 6760d96..ba65234 100644
--- a/docs/en/edge/guide/appdev/whitelist/index.md
+++ b/docs/en/edge/guide/appdev/whitelist/index.md
@@ -64,8 +64,10 @@ The following examples demonstrate whitelist syntax:
 Platform-soecific whitelisting rules are found in
 `res/xml/config.xml`.
 
-For Android versions prior to 3.0, domain whitelisting only works for
-`href` hyperlinks, not embedded resources such as images and scripts.
+__NOTE:__ On Android 2.3 and before, domain whitelisting only works
+for `href` hyperlinks, not referenced resources such as images and
+scripts. Take steps to avoid scripts from being injected into the
+application.
 
 ## iOS Whitelisting
 


Mime
View raw message