XSS Linter

17 views
Skip to first unread message

Robert Raposa

unread,
Jun 30, 2017, 4:45:22 PM6/30/17
to edx-...@googlegroups.com, Engineering - All (Employees, Contractors)
The "Safe Template Linter" used in edx-platform has been renamed to the "XSS Linter" to have a more accurate name.  The linter covers Python and JavaScript, in addition to templates like Mako and Underscore.

The documentation on Read the Docs will be updated shortly.

Additionally, the tabs on the Quality Report in Jenkins have been renamed from "safecommit/*view*/" and "safelint/*view*/" to "xsscommitlint/*view*/" and "xsslint/*view*/".  As we transition Jenkins and until you rebase, you may see 404 errors on these tabs.  You can instead see the reports using the Build Artifacts reports url like this one from master.

The Confluence Wiki page on XSS Prevention has also been updated, but still needs the documentation and Jenkins work to full land.

If you have any questions, I'd be happy to answer, once I am back after July 4th. ;)

--

Robert Raposa

edX | Software Architect  | rra...@edx.org  

141 Portland Street, 9th floor

Cambridge, MA 02139

http://www.edx.org

http://www.e-learn.nl/media/blogs/e-learn/edX_Logo_Col_RGB_FINAL.jpg?mtime=1336074566
Reply all
Reply to author
Forward
0 new messages