mailpit/server/ui-src at a078c318e801643fb01f41802795e2c5d8dcb169 - mailpit - Gitea: Git with a cup of tea

eric/mailpit

mirror of https://github.com/axllent/mailpit.git synced 2026-06-28 23:16:04 +00:00

Files

History

Ralph Slooten a078c318e8 Fix(Security): Prevent bypass of Contend Security Policy using stored XSS, and sanitize preview HTML data (DOMPurify)

This closes a security hole whereby a bad actor with SMTP access can bypass the CSP headers with a series of specially crafted HTML messages. A special thanks to @bmodotdev for responsibly disclosing the vulnerability and proving information and an initial fix.

2024-07-26 22:02:14 +12:00

..

Minor UI dropdown tweak

2024-04-20 23:58:05 +12:00

Fix(Security): Prevent bypass of Contend Security Policy using stored XSS, and sanitize preview HTML data (DOMPurify)

2024-07-26 22:02:14 +12:00

Chore: Refactor JavaScript, use arrow functions instead of "self" aliasing

2024-06-22 13:27:00 +12:00

UI: Rewrite web UI, add URL routing and components

2023-09-22 15:06:03 +12:00

Correctly handle browser back/forward navigation with pagination

2024-06-07 14:05:50 +12:00

Chore: Refactor JavaScript, use arrow functions instead of "self" aliasing

2024-06-22 13:27:00 +12:00

app.js

UI: Rewrite web UI, add URL routing and components

2023-09-22 15:06:03 +12:00

App.vue

Feature: Add ability to rename and delete tags globally

2024-06-29 17:12:56 +12:00

docs.js

Feature: OpenAPI / Swagger schema

2023-03-31 18:44:08 +13:00

screenshot.png

Update screenshot

2024-04-26 16:11:54 +12:00