refine_by_taxo 5.x-0.1

Git tag 5.x-0.1
Security update

Drupal's l/url methods would usually escape all possible unsecure code. Due to an incompatibility, refine_by_taxo could no longer use this and build its own anchors, without escaping the tags properly.

Anyone who creates tags with core taxonomy module, could potentially inject arbitrary HTML and script code into your site when you use refine_by_taxo to display these tags. Note that core taxonomy has no issues, its only the display part in refine_by_taxo that did not properlty escape the output.

This is now fixed in HEAD and DRUPAL-5.

refine_by_taxo 5.x-1.x-dev

Git branch 5.x-1.x

Beta release on the 5.x branch. After enough positie feedback, we will issue a stable release for 5.

refine_by_taxo HEAD

Git branch master

refine_by_taxo 4.7.x-1.x-dev

Git branch 4.7.x-1.x
Subscribe with RSS Subscribe to Releases for Refine by taxonomy