Archives/gnosygnu_xowa
1
0
Fork 0
mirror of https://github.com/gnosygnu/xowa.git synced 2026-03-02 03:49:30 +00:00
Code Issues Projects Releases Wiki Activity

v4.5.2.1704

Browse Source
This commit is contained in:
gnosygnu
2017-04-27 21:02:09 -04:00
parent 328c8aadbe
commit fe28f573fb
242 changed files with 3997 additions and 3175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
home/wiki/Help/Security.html
View File

@@ -18,7 +18,7 @@
<div id="mw-content-text" lang="en" dir="ltr" class="mw-content-ltr">
<h2>
<span class="mw-headline" id="Java">Java</span> <span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/wiki/Help/Security?action=edit&amp;section_key=Java" title="Edit section: Java" class="xowa-hover-off">edit</a><span class="mw-editsection-bracket">]</span></span>
<span class="mw-headline" id="Java">Java</span>
</h2>
<p>
Java vulnerabilities (and the resulting patches) are often in the news. However, most of these vulnerabilities affect machines with the Java browser plugin. <b>A machine can have Java installed and be largely unaffected by these vulnerabilities -- so long as the Java browser plugin is disabled</b>. If you want to check that the Java browser plugin is disabled, you can review the instructions at this link: <a href="http://www.java.com/en/download/help/disable_browser.xml" rel="nofollow" class="external free">http://www.java.com/en/download/help/disable_browser.xml</a>
@@ -43,7 +43,7 @@
Finally, although XOWA uses Java and is a browser-based app, it does not use the Java browser plugin in any manner.
</p>
<h2>
<span class="mw-headline" id="Javascript">Javascript</span> <span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/wiki/Help/Security?action=edit&amp;section_key=Javascript" title="Edit section: Javascript" class="xowa-hover-off">edit</a><span class="mw-editsection-bracket">]</span></span>
<span class="mw-headline" id="Javascript">Javascript</span>
</h2>
<p>
XOWA uses Javascript throughout the app for MathJax, sortable tables, reference tool-tips, and many other functions. Javascript is a versatile language for working with web pages, but that same versatility also makes it a vector for attack. There is always a possibility that malicious Javascript could be added to a wiki page, and that this malicious Javascript could make its way to your machine.