hawq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From hornn <...@git.apache.org>
Subject [GitHub] incubator-hawq pull request: Hawq 189
Date Wed, 25 Nov 2015 22:52:54 GMT
GitHub user hornn opened a pull request:


    Hawq 189


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/hornn/incubator-hawq HAWQ-189

Alternatively you can review and apply these changes as the patch at:


To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #136
commit e48dfffbe27a1d6ce07bbf2333d6e98f1e8d029e
Author: Noa Horn <nhorn@pivotal.io>
Date:   2015-11-25T18:14:21Z

    HAWQ-189. Replace all non-alpha-numeric characters in returned message to avoid cross-site
    The recommendation to avoid XSS is to validate the input. Because the path can be of any
format, depending on the custom plugins used, no generic validation is possible at the entry
point. Instead we chose to make sure that the returned ok message is safe by replacing all
special characters with a dot.

commit 0b8c6f8d2ba6d9eacf49ff85b5e4987e7643788a
Author: Noa Horn <nhorn@pivotal.io>
Date:   2015-11-25T22:50:19Z

    HAWQ-189. unittest


If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.

View raw message