XSS in cgit
john at keeping.me.uk
Sat Jan 16 10:38:36 CET 2016
On Sat, Jan 16, 2016 at 01:23:39AM +0100, Jason A. Donenfeld wrote:
> Thanks for your response. So the use case was in fact quite specific,
> and it seems like our recent treatment of the /plain endpoint handles
> that quite well and in a safe manner too.
> Okay, I feel solid about the change now. Thanks a bunch.
It doesn't look like Michael's email made it to the list. Would you
mind summarising the use case?
More information about the CGit