Thanks to visit codestin.com
Credit goes to github.com

Skip to content

PM-460 - handle scurity scan issues#984

Merged
vas3a merged 1 commit intodevfrom
PM-460_handle-security-scan-issues
Jan 7, 2025
Merged

PM-460 - handle scurity scan issues#984
vas3a merged 1 commit intodevfrom
PM-460_handle-security-scan-issues

Conversation

@vas3a
Copy link
Collaborator

@vas3a vas3a commented Jan 6, 2025
edited
Loading

Related JIRA Ticket:
https://topcoder.atlassian.net/browse/PM-460

What's in this PR?

Handles several security issues as per PM-460:

❌ [Low] Improper Type Validation
Path: src/apps/earn/src/reducers/challenge-listing/index.js, line 970
❌ [Low] Improper Type Validation
Path: src/apps/earn/src/reducers/challenge-listing/index.js, line 971
✔️ [Medium] Permissive Cross-domain Policy
Path: src/apps/learn/src/free-code-camp/fcc-frame/FccFrame.tsx, line 38
✔️ [Medium] Cross-site Scripting (XSS)
Path: src/libs/ui/lib/components/tabs-navbar/TabsNavbar.tsx, line 115
✔️ [High] Hardcoded Secret
Path: src/apps/earn/src/config/prod.ts, line 14
✔️ [High] Hardcoded Secret
Path: src/apps/earn/src/config/dev.ts, line 12
✔️ [High] Cross-site Scripting (XSS)
Path: src/apps/learn/src/course-details/course-curriculum/dice-modal/DiceModal.tsx, line 52
✔️ [High] Cross-site Scripting (XSS)
Path: src/apps/self-service/src/components/work-details/details/sidebar/WorkDetailDetailsSidebar.tsx, line 43
✔️ [High] Cross-site Scripting (XSS)
Path: src/apps/self-service/src/components/work-details/details/sidebar/WorkDetailDetailsSidebar.tsx, line 53
✔️ [High] Cross-site Scripting (XSS)
Path: src/apps/self-service/src/components/work-details/details/sidebar/WorkDetailDetailsSidebar.tsx, line 63

@vas3a vas3a requested a review from kkartunov January 6, 2025 16:16
kkartunov
kkartunov approved these changes Jan 7, 2025
View reviewed changes
Copy link
Collaborator

@kkartunov kkartunov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good.

@vas3a vas3a merged commit 25aedff into dev Jan 7, 2025
3 checks passed
@vas3a vas3a deleted the PM-460_handle-security-scan-issues branch January 7, 2025 13:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kkartunov kkartunov kkartunov approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vas3a @kkartunov