[jira] [Created] (AIRFLOW-2210) Rendering logs executes javascript code, which is dangerous and must be HTML-escaped

Alejandro Fernandez (JIRA) Mon, 12 Mar 2018 15:44:24 -0700

Alejandro Fernandez created AIRFLOW-2210:
--------------------------------------------


             Summary: Rendering logs executes javascript code, which is 
dangerous and must be HTML-escaped
                 Key: AIRFLOW-2210
                 URL: https://issues.apache.org/jira/browse/AIRFLOW-2210
             Project: Apache Airflow
          Issue Type: Bug
          Components: ui
    Affects Versions: 1.8.0
            Reporter: Alejandro Fernandez
            Assignee: Alejandro Fernandez


Rendering DAGs whose log message contains javascript will be executed on the 
browser.This is happening because the Airflow UI is not HTML escaping the log 
message.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (AIRFLOW-2210) Rendering logs executes javascript code, which is dangerous and must be HTML-escaped

Reply via email to