[midPoint-git] [Evolveum/midpoint] e17a0e: AjaxButton: Fixed potential XSS - do not ignore es...
Lukas Skublik
noreply at github.com
Thu Sep 21 13:41:15 CEST 2023
Branch: refs/heads/support-4.6
Home: https://github.com/Evolveum/midpoint
Commit: e17a0e516430468ab3f544459e498b3ae16eadc1
https://github.com/Evolveum/midpoint/commit/e17a0e516430468ab3f544459e498b3ae16eadc1
Author: Tony Tkáčik <tonydamage at gmail.com>
Date: 2023-09-21 (Thu, 21 Sep 2023)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/AjaxButton.java
Log Message:
-----------
AjaxButton: Fixed potential XSS - do not ignore escapeModelStrings flags
Signed-off-by: Tony Tkáčik <tonydamage at gmail.com>
Commit: e59e77dafcc144a90f29e9175acd303633e3b34b
https://github.com/Evolveum/midpoint/commit/e59e77dafcc144a90f29e9175acd303633e3b34b
Author: lskublik <lskublik at evolveum.com>
Date: 2023-09-21 (Thu, 21 Sep 2023)
Changed paths:
M model/authentication-api/src/main/java/com/evolveum/midpoint/authentication/api/util/AuthUtil.java
A model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/filter/UseCsrfFilterOnlyForAuthenticatedRequest.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configuration/OidcClientModuleWebSecurityConfiguration.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configurer/RemoteModuleWebSecurityConfigurer.java
Log Message:
-----------
use CSRF filter after authentication for remote auth modules
Compare: https://github.com/Evolveum/midpoint/compare/123f66de1d73...e59e77dafcc1
More information about the midPoint-svn
mailing list