New Proxy dialog renders full HTML on error
If you insert e.g. http://www.redhat.com:80 then the HTML is rendered. We should:
- only show first few lines of the output
- escape HTML entities there
I am testing more pages where we require an URL.
Low security impact.
The other aspect of this is proxy responses are likely used verbatim in success/failure popups etc, I know HTTP response messages certainly appear there.
Right, created a task on backlog for this. There is much more :-(
- Status changed from Assigned to Ready For Testing
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
- Status changed from Closed to Assigned
- % Done changed from 100 to 50
Sorry, accidentally pushed this. Please see my last comment in the PR and send a new PR for the additional change(s). Thanks!
- Status changed from Assigned to Closed
- % Done changed from 50 to 100
Also available in: Atom