We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Describe the bug Just upgraded to 19.1, and getting an XSS issue on the new XSS detection changes. (The regex is still too loose)
To Reproduce Test this URL http://localhost:3000/login?redirect=/work/gigs?onboardingComplete=true with the regex
http://localhost:3000/login?redirect=/work/gigs?onboardingComplete=true
Expected behavior Not to pass
Environment:
Additional context/Screenshots
The text was updated successfully, but these errors were encountered:
Same here, my case is ?online=0, trigger the error.
Sorry, something went wrong.
FYI, offending PRs: #2464 #2529 offending code: https://github.com/axios/axios/blob/v0.19.1/lib/helpers/isValidXss.js
Let's track in #2646. Forgive me even though this issue is opened first.
No branches or pull requests
Describe the bug
Just upgraded to 19.1, and getting an XSS issue on the new XSS detection changes. (The regex is still too loose)
To Reproduce
Test this URL
http://localhost:3000/login?redirect=/work/gigs?onboardingComplete=true
with the regexExpected behavior
Not to pass
Environment:
Additional context/Screenshots
The text was updated successfully, but these errors were encountered: