Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Encode values properly when rendering HTML pages #1532

Closed
3 tasks done
goekay opened this issue Aug 4, 2024 · 0 comments · Fixed by #1533
Closed
3 tasks done

Encode values properly when rendering HTML pages #1532

goekay opened this issue Aug 4, 2024 · 0 comments · Fixed by #1533
Assignees
@goekay

Comments

@goekay
Copy link
Member

goekay commented Aug 4, 2024
edited
Loading

Checklist

  • I checked other issues already and found no answer
  • I checked the documentation and found no answer
  • I am running the latest version and the feature i am requesting is not implemented there

Describe the problem you are trying to solve

We should be using https://owasp.org/www-project-java-encoder/ at all places where we render some data coming from external sources (e.g. charging stations).

Describe the solution you'd like

This change being propagated to all other places.

Some other templates are mentioned here.

Describe alternative solutions or features you've considered

...

Additional context

This ticket was the starting point.
@goekay goekay self-assigned this Aug 4, 2024
goekay added a commit that referenced this issue Aug 4, 2024
@goekay
use html encoder on page: chagepointDetails (#1532)
1fd3a1c
goekay added a commit that referenced this issue Aug 4, 2024
@goekay
use html encoder on page: transactions (#1532)
f5df5a8
goekay added a commit that referenced this issue Aug 4, 2024
@goekay
use html encoder on page: transactionDetails (#1532)
0fcaac4
goekay added a commit that referenced this issue Aug 4, 2024
@goekay
use html encoder on page: ocppTags (#1532)
88b03d3
goekay added a commit that referenced this issue Aug 4, 2024
@goekay
use html encoder on page: connectorStatus (#1532)
56d737c
goekay added a commit that referenced this issue Aug 4, 2024
@goekay
use html encoder on page: GetConfigurationResponse (#1532)
c189cd6
goekay added a commit that referenced this issue Aug 4, 2024
@goekay
use html encoder on page: taskResult (#1532)
4a20e11
@goekay goekay linked a pull request Aug 4, 2024 that will close this issue
Encode values properly when rendering HTML pages #1533
Merged
goekay added a commit that referenced this issue Aug 6, 2024
@goekay
Encode values properly when rendering HTML pages (#1533)
59214e7 
* use html encoder on page: chagepointDetails (#1532)

* use html encoder on page: transactions (#1532)

* use html encoder on page: transactionDetails (#1532)

* use html encoder on page: ocppTags (#1532)

* use html encoder on page: connectorStatus (#1532)

* use html encoder on page: GetConfigurationResponse (#1532)

* use html encoder on page: taskResult (#1532)
faculoyarte pushed a commit to faculoyarte/steve that referenced this issue Sep 4, 2024
@goekay @faculoyarte
Encode values properly when rendering HTML pages (steve-community#1533)
8ceb7b2 
* use html encoder on page: chagepointDetails (steve-community#1532)

* use html encoder on page: transactions (steve-community#1532)

* use html encoder on page: transactionDetails (steve-community#1532)

* use html encoder on page: ocppTags (steve-community#1532)

* use html encoder on page: connectorStatus (steve-community#1532)

* use html encoder on page: GetConfigurationResponse (steve-community#1532)

* use html encoder on page: taskResult (steve-community#1532)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@goekay goekay

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Encode values properly when rendering HTML pages steve-community/steve
1 participant
@goekay