Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0046950Openbravo ERPA. Platformpublic2021-06-02 11:092021-06-11 06:55
Reporteralostale 
Assigned Toalostale 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionFixed in VersionPR21Q2.1 
Merge Request Statusapproved
Review Assigned To
OBNetwork customerNo
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0046950: prevent image inline scripts
Descriptionprevent image inline scripts
Steps To Reproduce-
Proposed Solution
Additional Information
TagsNo tags attached.
Relationships
depends on backport 0047030PR21Q2 closed alostale Openbravo ERP prevent image inline scripts 
depends on backport 0047031PR21Q1.4 closed alostale Openbravo ERP prevent image inline scripts 
related to defect 0047837 closed alostale POS2 index.html has inline scripts 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2021-06-02 11:09alostaleNew Issue
2021-06-02 11:09alostaleAssigned To => platform
2021-06-02 11:09alostaleOBNetwork customer => No
2021-06-02 11:09alostaleModules => Core
2021-06-02 11:09alostaleTriggers an Emergency Pack => No
2021-06-02 11:34alostaleSummaryprevent svg inline scripts => prevent image inline scripts
2021-06-02 11:34alostaleDescription Updatedbug_revision_view_page.php?rev_id=22649#r22649
2021-06-09 09:18alostaleAssigned Toplatform => alostale
2021-06-09 09:19alostaleStatusnew => scheduled
2021-06-09 09:20hgbotMerge Request Status => open
2021-06-09 09:20hgbotNote Added: 0129225
2021-06-09 12:52hgbotMerge Request Statusopen => approved
2021-06-09 12:52hgbotResolutionopen => fixed
2021-06-09 12:52hgbotStatusscheduled => closed
2021-06-09 12:52hgbotNote Added: 0129254
2021-06-09 12:52hgbotFixed in Version => PR21Q3
2021-06-09 12:52hgbotNote Added: 0129255
2021-06-09 12:53hgbotFixed in VersionPR21Q3 => PR21Q2
2021-06-09 12:53hgbotNote Added: 0129258
2021-06-11 06:55alostaleFixed in VersionPR21Q2 => PR21Q2.1
2021-10-13 09:12alostaleRelationship addedrelated to 0047837

Notes
(0129225)
hgbot   
2021-06-09 09:20   
Merge Request created: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/383 [^]
(0129254)
hgbot   
2021-06-09 12:52   
Merge request merged: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/383 [^]
(0129255)
hgbot   
2021-06-09 12:52   
Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/openbravo [^]
Changeset: 7978ce76fdd1a30a5eae310912a88daa97a833a8
Author: Asier Lostalé <asier.lostale@openbravo.com>
Date: 2021-06-09T12:39:04+02:00
URL: https://gitlab.com/openbravo/product/openbravo/-/commit/7978ce76fdd1a30a5eae310912a88daa97a833a8 [^]

fixes ISSUE-46950: prevents inline scripts in images

---
M src/org/openbravo/erpCommon/utility/ImageUtils.java
---
(0129258)
hgbot   
2021-06-09 12:53   
Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/openbravo [^]
Changeset: 618b2f9e8e2f158f51e06db32c8580fb7711a77d
Author: Asier Lostalé <asier.lostale@openbravo.com>
Date: 2021-06-09T12:40:39+02:00
URL: https://gitlab.com/openbravo/product/openbravo/-/commit/618b2f9e8e2f158f51e06db32c8580fb7711a77d [^]

fixes ISSUE-46950: prevents inline scripts in images

---
M src/org/openbravo/erpCommon/utility/ImageUtils.java
---