T287542: API action=parse&prop=headhtml leaking user tokens and other private info in cross-origin requests (again)
From cpt
Phabricator Link | T287542 |
---|---|
Status | resolved |
Priority | Needs Triage (violet) |
Points | |
Phabricator Task Created | 2021/07/27 07:53 PM |
Wiki Page Created | 2021/08/10 04:28 PM |
Phabricator Task Last Modified | 2021/08/12 11:10 AM |
Wiki Page Last Updated | 2021/08/12 12:28 PM |
Phabricator Task Closed | 2021/08/10 02:31 PM |
Authored By | suffusion_of_yellow (Suffusion of Yellow) |
Assigned To | Legoktm (Legoktm) |
Projects |
|
Platform Engineering Initiative Column | |
Platform Team Workboards Column | |
Subtasks | |
Parent Tasks |
Column Transitions: (Added project: ⇑, Removed project: ⇓,Entered column: ⇒, Exited column: ⇐)
Project | Column | Date |
---|---|---|
⇑ Security | 27 July 2021 | |
⇑ Security-Team | 27 July 2021 | |
⇑ MediaWiki-API | 27 July 2021 | |
⇑ Vuln-CSRF | 27 July 2021 | |
⇑ Vuln-Infoleak | 27 July 2021 | |
⇑ Regression | 27 July 2021 | |
⇑ Platform Engineering | 29 July 2021 | |
Security-Team | ⇐ Incoming | 29 July 2021 |
Security-Team | ⇒ Watching | 29 July 2021 |
⇑ SecTeam-Processed | 29 July 2021 | |
Security-Team | ⇐ Watching | 6 August 2021 |
Security-Team | ⇒ Incoming | 6 August 2021 |
Security-Team | ⇐ Incoming | 12 August 2021 |
Security-Team | ⇒ Our Part Is Done | 12 August 2021 |