[jira] [Updated] (AIRFLOW-2210) Rendering logs executes javascript code which must be HTML-escaped
[ https://issues.apache.org/jira/browse/AIRFLOW-2210?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Alejandro Fernandez updated AIRFLOW-2210: - Attachment: airflow_log_running_js.png > Rendering logs executes javascript code which must be HTML-escaped > -- > > Key: AIRFLOW-2210 > URL: https://issues.apache.org/jira/browse/AIRFLOW-2210 > Project: Apache Airflow > Issue Type: Bug > Components: ui >Affects Versions: 1.8.0 >Reporter: Alejandro Fernandez >Assignee: Alejandro Fernandez >Priority: Major > Attachments: airflow_log_running_js.png > > > Rendering DAGs whose log message contains javascript will be executed on the > browser.This is happening because the Airflow UI is not HTML escaping the log > message. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AIRFLOW-2210) Rendering logs executes javascript code which must be HTML-escaped
[ https://issues.apache.org/jira/browse/AIRFLOW-2210?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Alejandro Fernandez updated AIRFLOW-2210: - Summary: Rendering logs executes javascript code which must be HTML-escaped (was: Rendering logs executes javascript code, which is dangerous and must be HTML-escaped) > Rendering logs executes javascript code which must be HTML-escaped > -- > > Key: AIRFLOW-2210 > URL: https://issues.apache.org/jira/browse/AIRFLOW-2210 > Project: Apache Airflow > Issue Type: Bug > Components: ui >Affects Versions: 1.8.0 >Reporter: Alejandro Fernandez >Assignee: Alejandro Fernandez >Priority: Major > > Rendering DAGs whose log message contains javascript will be executed on the > browser.This is happening because the Airflow UI is not HTML escaping the log > message. -- This message was sent by Atlassian JIRA (v7.6.3#76005)