Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add escaping of js translation version #1

Closed
wants to merge 1 commit into from
Closed

Add escaping of js translation version #1

wants to merge 1 commit into from

Conversation

ihor-sviziev
Copy link

@ihor-sviziev ihor-sviziev commented Sep 16, 2017
edited
Loading

As it was discussed in magento#10378 (comment) - we need to escape js translation version.

Steps to reproduce:

  1. Put following code to getTranslationFileVersion method (directly or via plugin):
return "' || alert(1) || '";
  1. Go to any page

Actual result:

  1. Alert with message 1 is shown

Expected result:

  1. Alert mustn't be shown

@ihor-sviziev
Copy link
Author

ihor-sviziev commented Sep 16, 2017
edited
Loading

Sorry, created pull request to wrong repo

@hostep
Copy link
Owner

hostep commented Sep 16, 2017

No problem :)

hostep pushed a commit that referenced this pull request Feb 7, 2018
@kandy
Merge pull request #1 from magento-performance/MAGETWO-61315
f4ffdf8 
MAGETWO-61315: [Backport] - [GitHub] Set Product as New from Date and…
hostep pushed a commit that referenced this pull request Feb 7, 2018
@kandy
Merge pull request #1 from magento-performance/MAGETWO-61315
98be29e 
MAGETWO-61315: [Backport] - [GitHub] Set Product as New from Date and…
hostep pushed a commit that referenced this pull request Mar 4, 2018
Merge pull request #1 from magento/2.2-develop
cff56e7 
Merge magento/magento2:2.2-develop into northernco/magento2
hostep pushed a commit that referenced this pull request Mar 20, 2018
@Ctucker9233
Merge pull request #1 from Ctucker9233/Ctucker9233-Backport-Magetwo-5…
b19a484 
…9112

Update config.xml
hostep pushed a commit that referenced this pull request Jun 27, 2018
@eugene-shab
Merge pull request #1 from magento/2.2-develop
f499027 
Merged with last commits
hostep pushed a commit that referenced this pull request Aug 11, 2018
@yogeshks
Merge pull request #1 from Yogeshks/2.1-develop-PR-port-15333
0613e58 
[Backport] Added language translation for message string
hostep pushed a commit that referenced this pull request Aug 11, 2018
@hitesh-wagento
Merge pull request #1 from hitesh-wagento/2.1-develop-PR-port-15734
0e87e9e 
[Backport] [Resolved : Styling <select> by changing less variables in Luma theme…
hostep pushed a commit that referenced this pull request Aug 15, 2018
Merge pull request #1 from kreativedev/kreativedev-patch-1
a2cdcc3 
Fixed a grammatical error on the vault tooltip
hostep pushed a commit that referenced this pull request Oct 4, 2018
@lfolco
Merge pull request #1 from lfolco/2.2-develop-PR-port-17650
ccbb792 
[Backport] Use route ID when creating secret keys in backend menus instead of route name
hostep pushed a commit that referenced this pull request Jan 23, 2019
@amritms
Merge pull request #1 from amritms/amritms-patch-1
a9c20eb 
removes extra dot on "How to run Magento" in phpserve/README.md
hostep pushed a commit that referenced this pull request Feb 19, 2019
Add Brazilian Credit Cards Support
2793844 
Add Brazilian Credit Cards Support #1
hostep pushed a commit that referenced this pull request Feb 19, 2019
Add Brazilian Credit Cards regex #1
6c1b144
hostep pushed a commit that referenced this pull request Mar 25, 2019
Merge pull request #1 from amol2jcommerce/2.3-develop-PR-port-20369
ac8b808 
[Forwardport] 'Fixes-for-customer-login-page-input-field' :: On customer login page…
hostep pushed a commit that referenced this pull request Apr 3, 2019
@lisovyievhenii
Merge pull request #1 from magento/2.2-develop
9688409 
2.2 develop
hostep pushed a commit that referenced this pull request Apr 6, 2019
@alexander-aleman
Merge pull request #1 from magento/2.3-develop
1232e6d 
merge from magento/magento2
hostep pushed a commit that referenced this pull request Apr 6, 2019
@samuel20miglia
Merge pull request #1 from samuel20miglia/samuel20miglia-patch-1
e3371ab 
Removed two times zlib.output_compression on
hostep pushed a commit that referenced this pull request May 4, 2019
@stkec
Merge pull request #1 from magento/2.3-develop
b34eb7a 
merge latest M2
nmalevanec pushed a commit that referenced this pull request May 10, 2019
@yogeshsuhagiya
Merge pull request #1 from yogeshsuhagiya/2.3-develop-graphql-PR-yoge…
57d8908 
…sh-1

Changed canonical_url to relative_url
nmalevanec pushed a commit that referenced this pull request May 10, 2019
@AfreenScarlet
Merge pull request #1 from magento/2.3-develop
bda7741 
Updating the fork
hostep pushed a commit that referenced this pull request Jul 8, 2019
@vaseemishak
Merge pull request #1 from vaseemishak/vaseemishak-patch-1
93212db 
seo meta tag order best practices
hostep pushed a commit that referenced this pull request Jul 29, 2019
@amjadm61
Merge pull request #1 from magento/2.3-develop
878ea22 
merge
hostep pushed a commit that referenced this pull request Aug 11, 2019
Merge pull request #1 from magento/2.3-develop
1d2d13e 
Update
hostep pushed a commit that referenced this pull request Aug 11, 2019
@arushibansal013
Merge pull request #1 from magento/2.3-develop
3945829 
Updating my code
hostep pushed a commit that referenced this pull request Sep 5, 2019
@Krielkip
Merge pull request #1 from magento/2.3-develop
60ea2be 
Import changes
hostep pushed a commit that referenced this pull request Oct 6, 2019
@Yupik
Merge pull request #1 from magento/2.3-develop
998cd74 
Update
hostep pushed a commit that referenced this pull request Oct 6, 2019
@swnsma
Merge pull request #1 from magento/2.3-develop
d42c828 
Update
hostep pushed a commit that referenced this pull request Oct 26, 2019
@andrey-legayev
Static Content Deploy - Decrease time waste on sleep()
88e7a87 
Issue #1: Static content deploy waits 3 sec in single-job mode after finish
Fixed by moving this sleep() into if ($this->isCanBeParalleled()) { ... }

Issue #2: Static content deploy has 5 secs delay between checking if worker job finished processing.
It leads up to 5 sec time waste before next job will start.
Improved by decreasing time from 5 sec to 0.5 sec with saving log refresh rate (10*0.5 sec)

On 4 themes and 7 locales these fixes improve time of static content deploy by 10-15 secs
slavvka pushed a commit that referenced this pull request Jan 15, 2020
@aleromano89
Merge pull request #1 from magento/2.4-develop
95fc06f 
allineamento
VladimirZaets pushed a commit that referenced this pull request Aug 11, 2020
Merge pull request #1 from magento/2.4-develop
1ee84fb 
Merge changes from origin repo
engcom-Golf pushed a commit that referenced this pull request Oct 1, 2020
@sarron93
Merge pull request #1 from sarron93/sarron93-issues-29213
238ce85 
Fix Issues 29213
hostep pushed a commit that referenced this pull request Feb 4, 2021
@nikolalardev
Merge pull request #1 from magento/2.4-develop
d21a4fd 
Update
hostep pushed a commit that referenced this pull request Mar 30, 2021
@gixid192
Merge pull request #1 from magento/2.4-develop
1be4239 
abc
hostep pushed a commit that referenced this pull request Jul 12, 2022
@arifadobe
Merge pull request #1 from arifadobe/missing-section-for-custom-role
ee676ec 
Missing section when custom role is selected
hostep pushed a commit that referenced this pull request Aug 31, 2022
@Nazar65
Fix Passing null to parameter #1 ($string) of type string
a6aa519
hostep pushed a commit that referenced this pull request Jan 9, 2023
@craig-bartlett
Merge pull request #1 from craig-bartlett/issue-35535-cast-floats-to-…
f402686 
…ints

magento#35535: Magento 2.4.4 Mini cart item images not showing
hostep pushed a commit that referenced this pull request Apr 24, 2023
@rimple-saini
AC-7114::[2.4.5-p1] Argument #1 ($fieldNode) must be of type GraphQL\…
c56d4dc 
…\Language\\AST\\FieldNode, GraphQL\\Language\\AST\\InlineFragmentNode given - Added Inline Fragment Fields
hostep pushed a commit that referenced this pull request Apr 24, 2023
@rimple-saini
AC-7114::[2.4.5-p1] Argument #1 ($fieldNode) must be of type GraphQL\…
66eacc4 
…\Language\\AST\\FieldNode, GraphQL\\Language\\AST\\InlineFragmentNode given - Fixed Static Test
engcom-Echo pushed a commit that referenced this pull request Dec 26, 2023
AC-9027::get_class(): Argument #1 () must be of type object, string g…
732c099 
…iven in magento/framework/Setup/Patch/PatchApplier
engcom-Echo pushed a commit that referenced this pull request Dec 26, 2023
AC-9027::get_class(): Argument #1 () must be of type object, string g…
397b759 
…iven in magento/framework/Setup/Patch/PatchApplier
hostep pushed a commit that referenced this pull request Jul 18, 2024
@yogesh-valiya
Merge pull request #1 from magento/2.4-develop
6a95192 
pull
engcom-Charlie pushed a commit that referenced this pull request Oct 25, 2024
@rostilos
Merge pull request #1 from magento/2.4-develop
292c9b6 
upd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ihor-sviziev @hostep