p71924506
/
wblog
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fix xss

This commit is contained in:
yafeilee 2018-03-23 14:18:45 +08:00
parent fabb1d642b
commit 7e0aba298d
2 changed files with 90 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

124
Gemfile.lock
View File

@ -1,6 +1,6 @@
GIT
remote: git://github.com/amatsuda/kaminari.git
revision: 8e3b9db8e8d64f76c3be7b0872ad27ae495a8e3a
revision: 62ec743dcee69e02186e5f1a309b08e59d83f647
specs:
kaminari (1.1.1)
activesupport (>= 4.1.0)
@ -27,39 +27,39 @@ GIT
GEM
remote: https://rubygems.org/
specs:
actioncable (5.1.4)
actionpack (= 5.1.4)
actioncable (5.1.5)
actionpack (= 5.1.5)
nio4r (~> 2.0)
websocket-driver (~> 0.6.1)
actionmailer (5.1.4)
actionpack (= 5.1.4)
actionview (= 5.1.4)
activejob (= 5.1.4)
actionmailer (5.1.5)
actionpack (= 5.1.5)
actionview (= 5.1.5)
activejob (= 5.1.5)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (5.1.4)
actionview (= 5.1.4)
activesupport (= 5.1.4)
actionpack (5.1.5)
actionview (= 5.1.5)
activesupport (= 5.1.5)
rack (~> 2.0)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (5.1.4)
activesupport (= 5.1.4)
actionview (5.1.5)
activesupport (= 5.1.5)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (5.1.4)
activesupport (= 5.1.4)
activejob (5.1.5)
activesupport (= 5.1.5)
globalid (>= 0.3.6)
activemodel (5.1.4)
activesupport (= 5.1.4)
activerecord (5.1.4)
activemodel (= 5.1.4)
activesupport (= 5.1.4)
activemodel (5.1.5)
activesupport (= 5.1.5)
activerecord (5.1.5)
activemodel (= 5.1.5)
activesupport (= 5.1.5)
arel (~> 8.0)
activesupport (5.1.4)
activesupport (5.1.5)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (~> 0.7)
minitest (~> 5.1)
@ -71,14 +71,14 @@ GEM
babel-transpiler (0.7.0)
babel-source (>= 4.0, < 6)
execjs (~> 2.0)
browser (2.5.2)
browser (2.5.3)
browser_warrior (0.7.0)
browser
rails (~> 5.0)
sass-rails (~> 5.0)
builder (3.2.3)
byebug (9.1.0)
capybara (2.17.0)
byebug (10.0.1)
capybara (2.18.0)
addressable
mini_mime (>= 0.1.3)
nokogiri (>= 1.3.3)
@ -107,17 +107,17 @@ GEM
docile (1.1.5)
domain_name (0.5.20170404)
unf (>= 0.0.5, < 1.0.0)
erubi (1.7.0)
erubi (1.7.1)
execjs (2.7.0)
factory_girl (4.9.0)
activesupport (>= 3.0.0)
factory_girl_rails (4.9.0)
factory_girl (~> 4.9.0)
railties (>= 3.0.0)
ffi (1.9.18)
ffi (1.9.23)
figaro (1.1.1)
thor (~> 0.14)
font-awesome-sass (4.7.0)
font-awesome-sass (5.0.6.2)
sass (>= 3.2)
formatador (0.2.5)
foundation-icons-sass-rails (3.0.0)
@ -154,7 +154,7 @@ GEM
nokogiri (~> 1.5)
http-cookie (1.0.3)
domain_name (~> 0.5)
i18n (0.9.1)
i18n (0.9.5)
concurrent-ruby (~> 1.0)
jbuilder (2.7.0)
activesupport (>= 4.2.0)
@ -170,7 +170,7 @@ GEM
rb-fsevent (~> 0.9, >= 0.9.4)
rb-inotify (~> 0.9, >= 0.9.7)
ruby_dep (~> 1.2)
loofah (2.1.1)
loofah (2.2.2)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
lumberjack (1.0.12)
@ -195,13 +195,13 @@ GEM
mini_magick (4.8.0)
mini_mime (1.0.0)
mini_portile2 (2.3.0)
minitest (5.11.1)
minitest (5.11.3)
multi_json (1.13.1)
nenv (0.3.0)
netrc (0.11.0)
newrelic_rpm (4.7.1.340)
nio4r (2.2.0)
nokogiri (1.8.1)
newrelic_rpm (4.8.0.341)
nio4r (2.3.0)
nokogiri (1.8.2)
mini_portile2 (~> 2.3.0)
notiffany (0.1.1)
nenv (~> 0.1)
@ -211,25 +211,25 @@ GEM
pry (0.11.3)
coderay (~> 1.1.0)
method_source (~> 0.9.0)
public_suffix (3.0.1)
puma (3.11.2)
rack (2.0.3)
public_suffix (3.0.2)
puma (3.11.3)
rack (2.0.4)
rack-cors (1.0.2)
rack-protection (2.0.0)
rack-protection (2.0.1)
rack
rack-test (0.8.2)
rack-test (0.8.3)
rack (>= 1.0, < 3)
rails (5.1.4)
actioncable (= 5.1.4)
actionmailer (= 5.1.4)
actionpack (= 5.1.4)
actionview (= 5.1.4)
activejob (= 5.1.4)
activemodel (= 5.1.4)
activerecord (= 5.1.4)
activesupport (= 5.1.4)
rails (5.1.5)
actioncable (= 5.1.5)
actionmailer (= 5.1.5)
actionpack (= 5.1.5)
actionview (= 5.1.5)
activejob (= 5.1.5)
activemodel (= 5.1.5)
activerecord (= 5.1.5)
activesupport (= 5.1.5)
bundler (>= 1.3.0)
railties (= 5.1.4)
railties (= 5.1.5)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.2)
actionpack (~> 5.x, >= 5.0.1)
@ -238,19 +238,19 @@ GEM
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.0.3)
loofah (~> 2.0)
rails-html-sanitizer (1.0.4)
loofah (~> 2.2, >= 2.2.2)
rails-i18n (5.0.4)
i18n (~> 0.7)
railties (~> 5.0)
railties (5.1.4)
actionpack (= 5.1.4)
activesupport (= 5.1.4)
railties (5.1.5)
actionpack (= 5.1.5)
activesupport (= 5.1.5)
method_source
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
rake (12.3.0)
rb-fsevent (0.10.2)
rake (12.3.1)
rb-fsevent (0.10.3)
rb-inotify (0.9.10)
ffi (>= 0.5.0, < 2)
redcarpet (3.4.0)
@ -261,7 +261,7 @@ GEM
http-cookie (>= 1.0.2, < 2.0)
mime-types (>= 1.16, < 4.0)
netrc (~> 0.8)
rouge (3.1.0)
rouge (3.1.1)
rspec (3.7.0)
rspec-core (~> 3.7.0)
rspec-expectations (~> 3.7.0)
@ -285,7 +285,7 @@ GEM
rspec-sidekiq (3.0.3)
rspec-core (~> 3.0, >= 3.0.0)
sidekiq (>= 2.4.0)
rspec-support (3.7.0)
rspec-support (3.7.1)
ruby_dep (1.5.0)
sass (3.4.25)
sass-rails (5.0.7)
@ -295,11 +295,11 @@ GEM
sprockets-rails (>= 2.0, < 4.0)
tilt (>= 1.1, < 3)
shellany (0.0.1)
sidekiq (5.0.5)
sidekiq (5.1.1)
concurrent-ruby (~> 1.0)
connection_pool (~> 2.2, >= 2.2.0)
rack-protection (>= 1.5.0)
redis (>= 3.3.4, < 5)
redis (>= 3.3.5, < 5)
simplecov (0.13.0)
docile (~> 1.1.0)
json (>= 1.8, < 3)
@ -335,13 +335,13 @@ GEM
turbolinks (5.1.0)
turbolinks-source (~> 5.1)
turbolinks-source (5.1.0)
tzinfo (1.2.4)
tzinfo (1.2.5)
thread_safe (~> 0.1)
uglifier (4.1.3)
uglifier (4.1.8)
execjs (>= 0.3.0, < 3)
unf (0.1.4)
unf_ext
unf_ext (0.0.7.4)
unf_ext (0.0.7.5)
websocket-driver (0.6.5)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.3)
@ -407,4 +407,4 @@ RUBY VERSION
ruby 2.3.1p112
BUNDLED WITH
1.15.4
1.16.1

2
vendor/assets/javascripts/jquery.html5-fileupload.js vendored
View File

@ -64,7 +64,7 @@
(function($) {
// Don't do logging if window.log function does not exist.
var log = window.log || $.noop;
var log = window.console.log || $.noop;
// jQuery.ajax config
var config = {