XSS vulnerability in src/doc/not_found.md #24872

Closed
@XMPPwocky

Description

Example: (copy into browser; GitHub URL-encodes URLs, which breaks this)
http://doc.rust-lang.org/std/trait.Any.html#method.hullo"><img src="nope" onerror="alert('hi');">

Method name should be sanitized properly.
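
The sanitization the report asks for, as an added example that is not part of the original issue and is not rustdoc's code: the method name taken from the URL fragment is encoded for each output context before it is placed in markup. The link markup and the function names (`fragmentName`, `renderUnsafe`, `renderEscaped`) are assumptions for illustration; the issue does not show how `not_found.md` uses the fragment.

```javascript
// Added illustration. The markup and function names are hypothetical; this is
// not the code of src/doc/not_found.md.

// URL from the report above, written here as a string literal.
const REPORT_URL =
  "http://doc.rust-lang.org/std/trait.Any.html#method.hullo\"><img src=\"nope\" onerror=\"alert('hi');\">";

// Pull the item name out of a rustdoc-style "#method.<name>" fragment.
function fragmentName(url) {
  const i = url.indexOf("#");
  if (i < 0) return "";
  let frag = url.slice(i + 1);
  try {
    frag = decodeURIComponent(frag);
  } catch (e) {
    // Malformed %-escape: keep the raw text; it is escaped on output anyway.
  }
  return frag.replace(/^method\./, "");
}

const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Escape a string for HTML text and for quoted attribute values.
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Unsafe: the name is concatenated into markup as-is.
function renderUnsafe(name) {
  return `<a href="?search=${name}">Search the docs for "${name}"</a>`;
}

// Safe: URL-encode for the query string, then HTML-escape for each context.
function renderEscaped(name) {
  const query = escapeHtml(encodeURIComponent(name));
  return `<a href="?search=${query}">Search the docs for "${escapeHtml(name)}"</a>`;
}

const reportedName = fragmentName(REPORT_URL);
console.log(renderUnsafe(reportedName));  // the injected <img> survives as a tag
console.log(renderEscaped(reportedName)); // the same text is rendered inert
```

In a browser, assigning the name through `textContent` rather than building an HTML string avoids the text-context escaping step entirely.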

Labels: T-rustdoc (Relevant to the rustdoc team, which will review and decide on the PR/issue.)