cordova-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From marc...@apache.org
Subject docs commit: CB-7623 properly escape the xml examples
Date Tue, 23 Sep 2014 23:17:57 GMT
Repository: cordova-docs
Updated Branches:
  refs/heads/master f6a38e4a4 -> fc69d715a


CB-7623 properly escape the xml examples


Project: http://git-wip-us.apache.org/repos/asf/cordova-docs/repo
Commit: http://git-wip-us.apache.org/repos/asf/cordova-docs/commit/fc69d715
Tree: http://git-wip-us.apache.org/repos/asf/cordova-docs/tree/fc69d715
Diff: http://git-wip-us.apache.org/repos/asf/cordova-docs/diff/fc69d715

Branch: refs/heads/master
Commit: fc69d715a50e45a7b4f0540a46162f0af4efa5fe
Parents: f6a38e4
Author: Marcel Kinard <cmarcelk@gmail.com>
Authored: Tue Sep 23 19:17:08 2014 -0400
Committer: Marcel Kinard <cmarcelk@gmail.com>
Committed: Tue Sep 23 19:17:08 2014 -0400

----------------------------------------------------------------------
 docs/en/3.6.0/guide/appdev/whitelist/index.md | 16 ++++++++--------
 docs/en/edge/guide/appdev/whitelist/index.md  | 16 ++++++++--------
 2 files changed, 16 insertions(+), 16 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cordova-docs/blob/fc69d715/docs/en/3.6.0/guide/appdev/whitelist/index.md
----------------------------------------------------------------------
diff --git a/docs/en/3.6.0/guide/appdev/whitelist/index.md b/docs/en/3.6.0/guide/appdev/whitelist/index.md
index bfc05c7..6c73525 100644
--- a/docs/en/3.6.0/guide/appdev/whitelist/index.md
+++ b/docs/en/3.6.0/guide/appdev/whitelist/index.md
@@ -94,37 +94,37 @@ On older versions of Android, it may not be possible to restrict them.
 Cordova 3.6.0 introduces a second whitelist, for restricting which URLs
 are allowed to launch external applications. In previous versions of
 Cordova, all non-http URLs, such as `mailto:`, `geo:`, `sms:` and `intent`,
-were implicitly allowed to be the target of a an <a> tag. Because of the
+were implicitly allowed to be the target of an &lt;a&gt; tag. Because of the
 potential for an application to leak information, if an XSS vulnerability
 allows an attacker to construct arbitrary links, these URLs must be
 whitelisted as well, starting in Cordova 3.6.0.
 
-To allow a URL pattern to launch an external application, use an <access>
+To allow a URL pattern to launch an external application, use an &lt;access>
 tag in your `config.xml` file, with the `launch-external` attribute set.
 
 Examples:
 
 * To allow links to send SMS messages:
 
-    <access origin="sms:*" launch-external="yes" />
+        <access origin="sms:*" launch-external="yes" />
 
 * To allow links to open Maps:
 
-    <access origin="geo:*" launch-external="yes" />
+        <access origin="geo:*" launch-external="yes" />
 
 * To allow links to example.com to open in an external browser:
 
-    <access origin="http://example.com/*" launch-external="yes" />
+        <access origin="http://example.com/*" launch-external="yes" />
 
 * To allow all non-whitelisted websites to open in an external browser:
 (This is the same as the previous behaviour for non-whitelisted URLs)
 
-    <access origin="http://*" launch-external="yes" />
-    <access origin="https://*" launch-external="yes" />
+        <access origin="http://*" launch-external="yes" />
+        <access origin="https://*" launch-external="yes" />
 
 * To allow access to all URLs, reverting to the Cordova 3.5.0 policy (not recommended):
 
-    <access origin="*" launch-external="yes" />
+        <access origin="*" launch-external="yes" />
 
 When navigating to a URL from within your application, the interal whitelist
 is tested first, and if the URL is not whitelisted there, then the external

http://git-wip-us.apache.org/repos/asf/cordova-docs/blob/fc69d715/docs/en/edge/guide/appdev/whitelist/index.md
----------------------------------------------------------------------
diff --git a/docs/en/edge/guide/appdev/whitelist/index.md b/docs/en/edge/guide/appdev/whitelist/index.md
index bfc05c7..6c73525 100644
--- a/docs/en/edge/guide/appdev/whitelist/index.md
+++ b/docs/en/edge/guide/appdev/whitelist/index.md
@@ -94,37 +94,37 @@ On older versions of Android, it may not be possible to restrict them.
 Cordova 3.6.0 introduces a second whitelist, for restricting which URLs
 are allowed to launch external applications. In previous versions of
 Cordova, all non-http URLs, such as `mailto:`, `geo:`, `sms:` and `intent`,
-were implicitly allowed to be the target of a an <a> tag. Because of the
+were implicitly allowed to be the target of an &lt;a&gt; tag. Because of the
 potential for an application to leak information, if an XSS vulnerability
 allows an attacker to construct arbitrary links, these URLs must be
 whitelisted as well, starting in Cordova 3.6.0.
 
-To allow a URL pattern to launch an external application, use an <access>
+To allow a URL pattern to launch an external application, use an &lt;access>
 tag in your `config.xml` file, with the `launch-external` attribute set.
 
 Examples:
 
 * To allow links to send SMS messages:
 
-    <access origin="sms:*" launch-external="yes" />
+        <access origin="sms:*" launch-external="yes" />
 
 * To allow links to open Maps:
 
-    <access origin="geo:*" launch-external="yes" />
+        <access origin="geo:*" launch-external="yes" />
 
 * To allow links to example.com to open in an external browser:
 
-    <access origin="http://example.com/*" launch-external="yes" />
+        <access origin="http://example.com/*" launch-external="yes" />
 
 * To allow all non-whitelisted websites to open in an external browser:
 (This is the same as the previous behaviour for non-whitelisted URLs)
 
-    <access origin="http://*" launch-external="yes" />
-    <access origin="https://*" launch-external="yes" />
+        <access origin="http://*" launch-external="yes" />
+        <access origin="https://*" launch-external="yes" />
 
 * To allow access to all URLs, reverting to the Cordova 3.5.0 policy (not recommended):
 
-    <access origin="*" launch-external="yes" />
+        <access origin="*" launch-external="yes" />
 
 When navigating to a URL from within your application, the interal whitelist
 is tested first, and if the URL is not whitelisted there, then the external


Mime
View raw message