-
Notifications
You must be signed in to change notification settings - Fork 18
/
Copy pathextension.meta.xml
49 lines (49 loc) · 2.12 KB
/
extension.meta.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
<?xml version="1.0" encoding="UTF-8"?>
<extension id="xssfilter" status="released" xmlns="http://getsymphony.com/schemas/extension/1.0">
<name>Cross-Site Scripting (XSS) Filter</name>
<description>Protect yourself against XSS and XSRF attacks in form submissions.</description>
<repo type="github">https://github.com/symphonycms/xssfilter</repo>
<types>
<type>Events</type>
<type>Security</type>
</types>
<authors>
<author>
<name github="symphonycms" symphony="team">Symphony Team</name>
<website>http://getsymphony.com/</website>
</author>
</authors>
<releases>
<release version="1.5.0" date="2017-04-05" min="2.4" max="2.x.x">
- Replaced deprecated preg_replace /e in extension.driver.php
- Added German translation
</release>
<release version="1.4.2" date="2016-03-06" min="2.4" max="2.x.x">
- Updated compatibility info
</release>
<release version="1.4.1" date="2015-02-08" min="2.4">
- Small patch to the attribute context cleaner
</release>
<release version="1.4" date="2014-04-28" min="2.4">
- Update extension to include context aware XSS functions for the Frontend. Big thanks to [Ashar Javed](http://www.nds.rub.de/chair/people/JAsh/)
</release>
<release version="1.3" date="2014-04-28" min="2.4">
- Update extension to include a Validate XSRF filter
</release>
<release version="1.2" date="2013-07-01" min="2.0.3" max="2.3.6">
- Add Russian translation
- Additional detection logic adding for `feed` and `data` protocols
- Update all links to **getsymphony.com**
</release>
<release version="1.1.1" date="2012-05-21" min="2.0.3">
- More robust checking to handle upload fields and integers
</release>
<release version="1.1" date="2011-05-29" min="2.0.3">
- Static `detectXSS` function so that logic can be used by other extensions outside of the Event Options context
- Events with the XSS Filter can now handle nested field data to an infinite level
- Slight performance tweak if XSS is detected
- Additional detection logic adding for `livescript` and `mocha` protocols
</release>
<release version="1.0" date="2010-10-08" min="2.0.3"/>
</releases>
</extension>