You are viewing a single comment's thread from:
RE: eduSteem - Mobile Client
1 legacy code before I read up on the need for the extra = to be added. I'll do a search for any lingering mis matches like that.
2 My plan is to convert most of the xmlhttprequest code to either a proper networking stack or web sockets. In a future release, and I agree that code is a little redundant.
3 I think we're going to sound like a broken record after a while, the data that could cause the injection isn't human accessible and scrubbed in other parts of the program. However, I have found a method that seems to work with Qt's SQL implementation and will start replacing the insecure code with a more secure version.
I'm never sure if you're a bot or not, but thanks for all the work you do for utopian.