inf226-2021-inchat merge requestshttps://git.app.uib.no/Vetle.Hjelmtvedt/inf226-2021-inchat/-/merge_requests2022-01-25T09:00:30+01:00https://git.app.uib.no/Vetle.Hjelmtvedt/inf226-2021-inchat/-/merge_requests/12The protection flags for the session cookie has been added.2022-01-25T09:00:30+01:00Vetle.HjelmtvedtThe protection flags for the session cookie has been added.Vetle.HjelmtvedtVetle.Hjelmtvedthttps://git.app.uib.no/Vetle.Hjelmtvedt/inf226-2021-inchat/-/merge_requests/11Fixed some other security holes in the code including removing the admin user...2021-11-14T23:06:05+01:00Vetle.HjelmtvedtFixed some other security holes in the code including removing the admin user...Fixed some other security holes in the code including removing the admin user and putting in a password repeat checker for the registration.Fixed some other security holes in the code including removing the admin user and putting in a password repeat checker for the registration.Vetle.HjelmtvedtVetle.Hjelmtvedthttps://git.app.uib.no/Vetle.Hjelmtvedt/inf226-2021-inchat/-/merge_requests/10Task42021-11-14T20:48:48+01:00Vetle.HjelmtvedtTask4Implemented access controlImplemented access controlVetle.HjelmtvedtVetle.Hjelmtvedthttps://git.app.uib.no/Vetle.Hjelmtvedt/inf226-2021-inchat/-/merge_requests/9Task0 b2021-11-13T13:44:01+01:00Vetle.HjelmtvedtTask0 bhttps://git.app.uib.no/Vetle.Hjelmtvedt/inf226-2021-inchat/-/merge_requests/8Task w2021-11-13T13:42:09+01:00Vetle.HjelmtvedtTask wFixed various headersFixed various headersVetle.HjelmtvedtVetle.Hjelmtvedthttps://git.app.uib.no/Vetle.Hjelmtvedt/inf226-2021-inchat/-/merge_requests/7Task32021-11-12T13:21:46+01:00Vetle.HjelmtvedtTask3Used session identity in hidden input field to validate the request is coming from the user intentionally.Used session identity in hidden input field to validate the request is coming from the user intentionally.Vetle.HjelmtvedtVetle.Hjelmtvedthttps://git.app.uib.no/Vetle.Hjelmtvedt/inf226-2021-inchat/-/merge_requests/6Ignores compiler.xml and production.db2021-11-11T21:25:46+01:00Arild.GrimstveitIgnores compiler.xml and production.dbIgnores all db files and removes tracking from production.dbIgnores all db files and removes tracking from production.dbhttps://git.app.uib.no/Vetle.Hjelmtvedt/inf226-2021-inchat/-/merge_requests/5Task0B2021-11-11T21:51:44+01:00Mathias.VehusTask0BImplemented Password and UserName classesImplemented Password and UserName classesMathias.VehusMathias.Vehushttps://git.app.uib.no/Vetle.Hjelmtvedt/inf226-2021-inchat/-/merge_requests/4Task 2 - Cross Site Scripting (XSS)2021-11-12T19:52:35+01:00Arild.GrimstveitTask 2 - Cross Site Scripting (XSS)Take measures to prevent XSS attacks on inChat.
#5
Use OWASP Java Encoding library to encode untrusted data with EncodeTake measures to prevent XSS attacks on inChat.
#5
Use OWASP Java Encoding library to encode untrusted data with EncodeArild.GrimstveitArild.Grimstveithttps://git.app.uib.no/Vetle.Hjelmtvedt/inf226-2021-inchat/-/merge_requests/3Task0 a2021-11-10T18:07:10+01:00Vetle.HjelmtvedtTask0 aUsed Scrypt to hash passwords and store them in DB when registering. Also used Scrypt to check given password to stored hashed password on a login request.Used Scrypt to hash passwords and store them in DB when registering. Also used Scrypt to check given password to stored hashed password on a login request.Vetle.HjelmtvedtVetle.Hjelmtvedthttps://git.app.uib.no/Vetle.Hjelmtvedt/inf226-2021-inchat/-/merge_requests/2Gitignore2021-11-10T17:18:42+01:00Vetle.HjelmtvedtGitignoreLa til gitignoreLa til gitignoreVetle.HjelmtvedtVetle.Hjelmtvedthttps://git.app.uib.no/Vetle.Hjelmtvedt/inf226-2021-inchat/-/merge_requests/1Task1 - SQL Injection2021-11-10T17:16:47+01:00Vetle.HjelmtvedtTask1 - SQL InjectionUpdated all queries and updates to the DB to use prepared statementsUpdated all queries and updates to the DB to use prepared statementsVetle.HjelmtvedtVetle.Hjelmtvedt