Skip to content

[Security] Use json serialization to escape all unsafe symbols. #39499

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
boocmp opened this issue Jul 1, 2024 · 1 comment · Fixed by brave/brave-core#24439
Closed

[Security] Use json serialization to escape all unsafe symbols. #39499

boocmp opened this issue Jul 1, 2024 · 1 comment · Fixed by brave/brave-core#24439
Assignees
@boocmp
Labels
feature/speedreader OS/Desktop priority/P2 A bad problem. We might uplift this to the next planned release. QA/No release-notes/include security
Milestone
1.69.x - Release

Comments

@boocmp
Copy link

boocmp commented Jul 1, 2024

https://github.com/brave/brave-core/blob/c09127036b69ef8e6e55f32766f8002016d6dbbd/browser/speedreader/speedreader_tab_helper.cc#L64
@boocmp boocmp self-assigned this Jul 1, 2024
@boocmp boocmp mentioned this issue Jul 1, 2024
Merged
24 tasks
@rebron rebron added feature/speedreader priority/P2 A bad problem. We might uplift this to the next planned release. QA/Yes release-notes/include labels Jul 1, 2024
@brave-builds brave-builds added this to the 1.69.x - Nightly milestone Jul 8, 2024
@LaurenWags LaurenWags changed the title [Speedreader] Use json serialization to escape all unsafe symbols. [Security] Use json serialization to escape all unsafe symbols. Jul 10, 2024
@LaurenWags
Copy link
Member

LaurenWags commented Jul 10, 2024
edited
Loading

@boocmp since this one is QA/Yes could you please add a test plan? Adding QA/Blocked label until we have that available. Thanks!

@boocmp boocmp added QA/No and removed QA/Yes labels Jul 16, 2024
@LaurenWags LaurenWags mentioned this issue Aug 20, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@boocmp boocmp

Labels
feature/speedreader OS/Desktop priority/P2 A bad problem. We might uplift this to the next planned release. QA/No release-notes/include security
Projects
None yet
Milestone
1.69.x - Release
5 participants
@diracdeltas @rebron @LaurenWags @brave-builds @boocmp