From de5d910d183e573b977a9373d5bf45976bb0a4bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=80=9CMusaab?= Date: Fri, 29 Sep 2023 20:24:59 +0500 Subject: [PATCH 1/3] Link of work --- _docs/developer/google_summer_of_code/2023_Musaab_Imran.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_docs/developer/google_summer_of_code/2023_Musaab_Imran.md b/_docs/developer/google_summer_of_code/2023_Musaab_Imran.md index 457b7c86..68487c51 100644 --- a/_docs/developer/google_summer_of_code/2023_Musaab_Imran.md +++ b/_docs/developer/google_summer_of_code/2023_Musaab_Imran.md @@ -6,7 +6,7 @@ category: Developer > Google Summer of Code 2023 ## 🛡️ Website Security and Penetration Testing The security of the Submitty website is of paramount importance due to its direct impact on student grades and academic integrity. Even a single vulnerability can lead to unfair academic advantages and legal complications concerning student data protection. Therefore, this project aimed to contribute to the assurance of proper access control, authorization mechanisms, and robust code that align with the high security standards expected from educational platforms like Submitty. -You can find all my merged PRs in this link. +You can find all my merged PRs in this link. --- ## 🎯 Project Scope From 888070c2c6b8858798f0b84b620860b9b4987cae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=80=9CMusaab?= Date: Fri, 29 Sep 2023 20:31:41 +0500 Subject: [PATCH 2/3] update --- _docs/developer/google_summer_of_code/2023_Musaab_Imran.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/_docs/developer/google_summer_of_code/2023_Musaab_Imran.md b/_docs/developer/google_summer_of_code/2023_Musaab_Imran.md index 68487c51..42e31a59 100644 --- a/_docs/developer/google_summer_of_code/2023_Musaab_Imran.md +++ b/_docs/developer/google_summer_of_code/2023_Musaab_Imran.md @@ -101,12 +101,12 @@ Implemented Referrer-Policy header to prevent the leakage of sensitive informati #### Updating Disabled Functions List Updated the list of disabled functions to prevent the execution of potentially dangerous PHP functions. This reduces the risk of remote code execution and other malicious attacks. -🔺[PR ]() +🔺[PR #]() #### Whitelisting MIME Types Whitelisted MIME types to prevent the execution of potentially dangerous file types. This reduces the risk of remote code execution and other malicious attacks. Only the allowed MIME types can be uploaded to the server. -🔺[PR ]() +🔺[PR #]() --- ## 👾 Bugfix PRs From 96ee987f58dbf30745244a1546b25f4ee5baa414 Mon Sep 17 00:00:00 2001 From: Musaab Imran <96174078+musaabimran@users.noreply.github.com> Date: Tue, 21 Nov 2023 12:15:45 +0500 Subject: [PATCH 3/3] Update 2023_Musaab_Imran.md --- _docs/developer/google_summer_of_code/2023_Musaab_Imran.md | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/_docs/developer/google_summer_of_code/2023_Musaab_Imran.md b/_docs/developer/google_summer_of_code/2023_Musaab_Imran.md index 42e31a59..66451edf 100644 --- a/_docs/developer/google_summer_of_code/2023_Musaab_Imran.md +++ b/_docs/developer/google_summer_of_code/2023_Musaab_Imran.md @@ -98,15 +98,10 @@ Implemented Referrer-Policy header to prevent the leakage of sensitive informati 🔺[PR #9772](https://github.com/Submitty/Submitty/pull/9772) -#### Updating Disabled Functions List -Updated the list of disabled functions to prevent the execution of potentially dangerous PHP functions. This reduces the risk of remote code execution and other malicious attacks. - -🔺[PR #]() - #### Whitelisting MIME Types Whitelisted MIME types to prevent the execution of potentially dangerous file types. This reduces the risk of remote code execution and other malicious attacks. Only the allowed MIME types can be uploaded to the server. -🔺[PR #]() +🔺[PR #10003](https://github.com/Submitty/Submitty/pull/10003) --- ## 👾 Bugfix PRs