https://bugzilla.redhat.com/show_bug.cgi?id=810928

Athmane Madjoudj <athmanem@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #577135|0                           |1
        is obsolete|                            |
 Attachment #577191|0                           |1
        is obsolete|                            |

--- Comment #11 from Athmane Madjoudj <athmanem@xxxxxxxxx> 2012-04-13 20:10:43 EDT ---
Created attachment 577433
  --> https://bugzilla.redhat.com/attachment.cgi?id=577433
Fix for some security issues (Cross-site scripting and SQL Injections)

Patch that fixes some SQL injections in the admin interface, I merged all patches into
this one.

Merge request updated to include new fixes:

https://gitorious.org/sticky-notes/sticky-notes/merge_requests/2

Also, forcing 'HttpOnly' cookies does not seem to work, because of the following
JS calls (jQuery Cookie plugin):

skins/$SKINNAME/js/main.js:    var author = $.cookie('stickynotes_author');
skins/$SKINNAME/js/main.js:    var language = $.cookie('stickynotes_language');
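
The conflict described in the comment above, as an added example that is not part of the original message or of the Sticky Notes code: a Node.js audit that cross-checks Set-Cookie headers against the `$.cookie('name')` reads in a skin's JavaScript, showing which cookies can carry HttpOnly without breaking the script. The header values, the `PHPSESSID` session cookie name and all function names are assumptions constructed for illustration.

```javascript
// Constructed sample: the two reads quoted in the comment, plus one write.
const mainJs = `
var author = $.cookie('stickynotes_author');
var language = $.cookie('stickynotes_language');
$.cookie('stickynotes_author', author, { expires: 30 });
`;
// Constructed Set-Cookie headers; PHPSESSID is an assumed session cookie name.
const setCookieHeaders = [
  'PHPSESSID=abc123; path=/',
  'stickynotes_author=alice; path=/; HttpOnly',
  'stickynotes_language=en; path=/',
];

// Cookie names passed to $.cookie(...) as the only argument, i.e. reads.
// Calls with a value argument are writes and are not matched.
function cookiesReadByScript(source) {
  const names = new Set();
  const call = /\$\.cookie\(\s*(['"])([^'"]+)\1\s*\)/g;
  let m;
  while ((m = call.exec(source)) !== null) names.add(m[2]);
  return names;
}

// Extract the cookie name and whether the HttpOnly attribute is present.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const name = eq === -1 ? pair : pair.slice(0, eq);
  const httpOnly = attrs.some((a) => a.toLowerCase() === 'httponly');
  return { name, httpOnly };
}

// HttpOnly hides a cookie from document.cookie, which the plugin reads from,
// so a cookie that is both HttpOnly and read by script comes back undefined.
function auditHttpOnly(headers, source) {
  const readByJs = cookiesReadByScript(source);
  return headers.map((h) => {
    const { name, httpOnly } = parseSetCookie(h);
    const scripted = readByJs.has(name);
    let finding = 'ok';
    if (scripted && httpOnly) finding = 'script read will break';
    else if (!scripted && !httpOnly) finding = 'can be HttpOnly';
    else if (scripted) finding = 'script-readable by design';
    return { name, httpOnly, scripted, finding };
  });
}

console.table(auditHttpOnly(setCookieHeaders, mainJs));
```

Cookies reported as "can be HttpOnly" are the ones the flag can be applied to selectively, leaving the preference cookies readable by the skin's script.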