Tags: facade/ignition
Fix E_NOTICE when requesting invalid script (#449)

It is possible to trigger an exception by requesting an invalid script path. The following URL path leads to XSS on the exception page, showing two nice popups:

http://myapp/_ignition/scripts/--><svg onload=alert(1337)>

The exception is:

ErrorException
Undefined index: --><svg onload=alert(1337)>
Illuminate\Foundation\Bootstrap\HandleExceptions::handleError
vendor/facade/ignition/src/Http/Controllers/ScriptController.php:14

This happens with facade/ignition 1.18.0 (the last with Laravel 6 support) and should be fixed there. The error probably also occurs in all later versions.
v1 port for "Fix E_NOTICE when requesting invalid script" (#450)

* Fix E_NOTICE when requesting invalid script (#449)

  It is possible to trigger an exception by requesting an invalid script path. The following URL path leads to XSS on the exception page, showing two nice popups:

  http://myapp/_ignition/scripts/--><svg onload=alert(1337)>

  The exception is:

  ErrorException
  Undefined index: --><svg onload=alert(1337)>
  Illuminate\Foundation\Bootstrap\HandleExceptions::handleError
  vendor/facade/ignition/src/Http/Controllers/ScriptController.php:14

  This happens with facade/ignition 1.18.0 (the last with Laravel 6 support) and should be fixed there. The error probably also occurs in all later versions.

* Fix styling

Co-authored-by: freekmurze <[email protected]>