Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Disallow scripted content in epubs #5741

Merged
merged 1 commit into from
Jul 11, 2024

Conversation

thornbill
Copy link
Member

Changes
Disallows scripted content in epub files to prevent xss

Issues
Reported via email

@thornbill thornbill added enhancement Improve existing functionality or small fixes security This PR or issue mainly concerns security needs testing This PR requires additional testing labels Jun 27, 2024
@thornbill thornbill added this to the v10.9.8 milestone Jun 27, 2024
@thornbill thornbill requested a review from a team as a code owner June 27, 2024 18:10
@thornbill thornbill added the stable backport Backport into the next stable release label Jun 27, 2024
@thornbill thornbill removed the needs testing This PR requires additional testing label Jul 11, 2024
@thornbill thornbill merged commit e669a9b into jellyfin:release-10.9.z Jul 11, 2024
8 checks passed
@thornbill thornbill deleted the epubjs-no-scripts branch July 11, 2024 03:33
@jellyfin-bot jellyfin-bot removed the stable backport Backport into the next stable release label Jul 21, 2024
joshuaboniface pushed a commit that referenced this pull request Jul 21, 2024
Disallow scripted content in epubs

Original-merge: e669a9b

Merged-by: thornbill <thornbill@users.noreply.github.com>

Backported-by: Bill Thornton <thornbill@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement Improve existing functionality or small fixes security This PR or issue mainly concerns security
Projects
No open projects
Status: Done
Development

Successfully merging this pull request may close these issues.

3 participants