Ryan Hitchman 4e16eae82b Escape "<>&" in apiserver errors to avoid triggering vulnerability scanners. ... Simple XSS scans might fetch /<script>alert('vulnerable')</script>, and fail when the response body includes the script tag verbatim, despite the headers directing the browser to interpret the response as text. This isn't a real vulnerability, but it's easier to fix this here than it is to fix the scanners. Kubernetes-commit: dd4bb1213d8447632fa651195980cbfae2546fb3		2017-05-12 17:30:09 +00:00
..
discovery	handle registered third parties	2017-05-12 17:30:08 +00:00
filters	remove references to client-go/pkg/api	2017-05-03 20:36:26 +00:00
handlers	Escape "<>&" in apiserver errors to avoid triggering vulnerability scanners.	2017-05-12 17:30:09 +00:00
metrics	Use regexp instead of substring to do search and replace.	2017-04-17 20:35:48 +00:00
openapi	autogenerated	2017-04-15 20:35:23 +00:00
request	autogenerated	2017-04-15 20:35:23 +00:00
testing	autogenerated	2017-04-15 20:35:23 +00:00
BUILD	separate discovery from the apiserver	2017-05-02 20:36:05 +00:00
OWNERS	Mechanical move: pkg/genericapiserver -> k8s.io/apiserver	2017-02-13 07:36:41 -05:00
apiserver.go	Mechanical move: pkg/genericapiserver -> k8s.io/apiserver	2017-02-13 07:36:41 -05:00
apiserver_test.go	Fix PathPrefix for subresources	2017-04-28 20:36:29 +00:00
doc.go	Mechanical fixup imports: pkg/genericapiserver	2017-02-13 07:36:41 -05:00
groupversion.go	separate discovery from the apiserver	2017-05-02 20:36:05 +00:00
installer.go	Add GroupVersionKind and Action extensions to OpenAPI operations	2017-05-12 17:30:09 +00:00
installer_test.go	remove go-restful from namer for rest handling	2017-04-10 20:35:11 +00:00
proxy_test.go	Updated key.pm and cert.pm to remove error in setting up localhostCert pool.	2017-04-10 20:35:11 +00:00
watch_test.go	Mechanical fixup imports: pkg/genericapiserver	2017-02-13 07:36:41 -05:00