Sanitize user-input on file name (#17666)
* Sanitize user-input on file name - Sanitize user-input before it get passed into the DOM. - Prevent things like "<iframe onload=alert(1)></iframe>" from being executed. This isn't a XSS attack as the server seems to be santizing the path as well. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>tokarchuk/v1.17
parent
5233051e64
commit
d8a8961b99
Loading…
Reference in new issue