Sheogorath
|
93b91163cd
|
Prevent XSS vul by srcdoc in iframe
|
2017-11-24 10:10:50 +01:00 |
|
Wu Cheng-Han
|
9b00afb863
|
Fix unclosed tags might cause XSS [Security Issue]
|
2017-09-27 18:20:04 +08:00 |
|
Wu Cheng-Han
|
48df250491
|
Fix link regex should filter protocol with case insensitive flag [Security Issue]
|
2017-04-11 22:25:14 +08:00 |
|
Wu Cheng-Han
|
e629800457
|
Fix XSS vulnerability in link regex [Security Issue]
|
2017-03-22 18:26:35 +08:00 |
|
Wu Cheng-Han
|
0f3b028ed6
|
Fix render.js code styles
|
2017-03-22 18:26:30 +08:00 |
|
BoHong Li
|
5bc642d02e
|
Use JavaScript Standard Style (part 2)
Fixed all fail on frontend code.
|
2017-03-09 02:41:05 +08:00 |
|
Wu Cheng-Han
|
1ca39d9c8e
|
Update to allow li tag specify value number
|
2017-02-17 21:56:35 +08:00 |
|
Wu Cheng-Han
|
79d5b2c37f
|
Fix slide might able to add unsafe attribute on section tag which cause XSS [Security Issue]
|
2016-11-26 22:46:58 +08:00 |
|
Wu Cheng-Han
|
ba2bfa2188
|
Update to support summary tag
|
2016-10-29 23:43:58 +08:00 |
|
Yukai Huang
|
e10203b7e9
|
More function expose workaround for reveal-markdown.js
|
2016-10-10 08:24:58 +08:00 |
|
Yukai Huang
|
963a435ae1
|
Resolve dependency module requiring
* es5 style module exports
* remove script tag require
* webpack config ProvidePlugin
Note that this commit only fix JavaScript module loading runtime error.
|
2016-10-08 20:02:30 +08:00 |
|
Wu Cheng-Han
|
ecd7218917
|
Update to support data uri in src attribute of image tag
|
2016-08-15 11:00:02 +08:00 |
|
Wu Cheng-Han
|
cf290e86e1
|
Update XSS policy to allow iframe and link with custom protocol
|
2016-08-14 18:32:22 +08:00 |
|
Cheng-Han, Wu
|
f6a995143d
|
Update filter XSS to allow attr href starts with '.' or '/'
|
2016-04-20 18:18:52 +08:00 |
|
Cheng-Han, Wu
|
edc3a31dfd
|
Fix XSS HTML replace might get wrong on the HTML comments in the code tags
|
2016-04-20 18:10:43 +08:00 |
|
Cheng-Han, Wu
|
049eae5024
|
Fixed filter XSS should allow ordered list specify start number
|
2016-03-04 23:17:59 +08:00 |
|
Cheng-Han, Wu
|
c509abbc39
|
Support kbd tag
|
2016-02-22 22:42:40 +08:00 |
|
Cheng-Han, Wu
|
2501b190ab
|
Updated to support html comment tag in XSS
|
2016-02-16 09:51:22 -06:00 |
|
Cheng-Han, Wu
|
2a774064af
|
Updated XSS filter options to allow style tag and style attribute
|
2016-02-11 14:33:21 -06:00 |
|
Cheng-Han, Wu
|
4c4a0e0f3f
|
Fixed prevent XSS might break lots of tags and only need after rendered
|
2016-02-11 03:45:13 -06:00 |
|