Skip to content

Comments

[5.1] tinymce hardening fix#43176

Merged
bembelimen merged 6 commits intojoomla:5.1-devfrom
brianteeman:tinyfix
Apr 1, 2024
Merged

[5.1] tinymce hardening fix#43176
bembelimen merged 6 commits intojoomla:5.1-devfrom
brianteeman:tinyfix

Conversation

@brianteeman
Copy link
Contributor

@brianteeman brianteeman commented Mar 28, 2024
edited
Loading

This addresses two issues resolved in tinymce 7 that we can backport to 6.8

I checked with @joomla/security before posting

Please select:

  • Documentation link for docs.joomla.org:

  • No documentation changes for docs.joomla.org needed

  • Pull Request link for manual.joomla.org:

  • No documentation changes for manual.joomla.org needed

Quy
Quy reviewed Mar 28, 2024
View reviewed changes
richard67
richard67 reviewed Mar 28, 2024
View reviewed changes
@SniperSister
Copy link
Contributor

SniperSister commented Mar 28, 2024

I have tested this item ✅ successfully on 5092ce4

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/43176.

1 similar comment
@Quy
Copy link
Contributor

Quy commented Mar 28, 2024

I have tested this item ✅ successfully on 5092ce4

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/43176.

@Quy
Copy link
Contributor

Quy commented Mar 28, 2024

RTC

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/43176.

@joomla-cms-bot joomla-cms-bot added the RTC This Pull Request is Ready To Commit label Mar 28, 2024
@brianteeman
Copy link
Contributor Author

brianteeman commented Mar 28, 2024

I made this pr for 5.1 on the assumption that there will not be anothher 5.0 release. If that is incorrect then it should be backported to 5.0

@wilsonge wilsonge enabled auto-merge (squash) March 29, 2024 22:45
@Quy Quy added this to the Joomla! 5.1.0 milestone Mar 29, 2024
@bembelimen bembelimen disabled auto-merge March 29, 2024 23:21
@bembelimen bembelimen merged commit 29ec991 into joomla:5.1-dev Apr 1, 2024
@joomla-cms-bot joomla-cms-bot removed the RTC This Pull Request is Ready To Commit label Apr 1, 2024
@bembelimen
Copy link
Contributor

bembelimen commented Apr 1, 2024

Thx

@brianteeman brianteeman deleted the tinyfix branch April 1, 2024 15:11
@N6REJ
Copy link
Contributor

N6REJ commented Jul 7, 2024

just an fyi, this breaks video's that are embedded with iframes!
https://forum.joomla.org/viewtopic.php?f=834&t=1008580

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Quy Quy Quy left review comments

@richard67 richard67 richard67 left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

Joomla! 5.1.0

Development

Successfully merging this pull request may close these issues.

9 participants

@brianteeman @SniperSister @Quy @bembelimen @N6REJ @richard67 @joomla-cms-bot @QuyTon @wilsonge