Commit graph

11 commits

Author SHA1 Message Date
Hypolite Petovan
6f9e15ea57 Remove escaping exception for form field values
- This could allow code injection from a malicious query leading to a form page
- Thanks to Laura Pîrcălăboiu for the report
2023-08-02 16:30:48 +02:00
Michael
aca701bef8 Changed OpenID registration 2019-10-24 20:23:26 +00:00
Hypolite Petovan
e1b3bcc77d Unescape yet more values with a focus on the vier theme 2018-12-16 22:38:32 -05:00
Hypolite Petovan
c407fb7963 Avoid escaping relevant template variables 2018-12-16 22:38:32 -05:00
Hypolite Petovan
2241ba4540 Remove uses of HTML escaping in Smarty templates 2018-12-16 22:38:30 -05:00
Andreas Neustifter
5d1d0d1a9f Remove empty help spans from templates.
The empty spans from the templates mess up the layout sometimes, and are useless weight anyway.
Lets get rid of them.
2018-04-23 20:29:55 +00:00
Sandro Santilli
27cce1e6dc Add type="text" attribute for openid input field 2017-04-06 21:48:20 +02:00
Tobias Diekershoff
1ee405c9c3 added aria describedby elements refering to field help to the input templates 2016-04-04 08:10:27 +02:00
Fabrixxm
9d3fb417c2 Escape values to input fields (and some 'title' and 'alt') 2015-02-16 09:30:12 +01:00
Zach Prezkuta
127b7a589e eliminate Cropper conflicts with jQuery 2013-06-01 10:42:51 -06:00
Fabrixxm
379c761c3f missing "templates" folders 2013-04-23 07:47:57 -04:00