XSS in cgit

Jason A. Donenfeld Jason at zx2c4.com
Sat Jan 16 01:23:39 CET 2016

Hi Michael,

Thanks for your response. So the use case was in fact quite specific,
and it seems like our recent treatment of the /plain endpoint handles
that quite well and in a safe manner too.

Okay, I feel solid about the change now. Thanks a bunch.


More information about the CGit mailing list