summaryrefslogtreecommitdiff
path: root/public/js/render.js (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Prevent XSS vul by srcdoc in iframeSheogorath2017-11-241-1/+1
|
* Fix unclosed tags might cause XSS [Security Issue]Wu Cheng-Han2017-09-271-1/+1
|
* Fix link regex should filter protocol with case insensitive flag [Security ↵Wu Cheng-Han2017-04-111-1/+1
| | | | Issue]
* Fix XSS vulnerability in link regex [Security Issue]Wu Cheng-Han2017-03-221-2/+2
|
* Fix render.js code stylesWu Cheng-Han2017-03-221-6/+6
|
* Use JavaScript Standard Style (part 2)BoHong Li2017-03-091-37/+39
| | | | Fixed all fail on frontend code.
* Update to allow li tag specify value numberWu Cheng-Han2017-02-171-0/+2
|
* Fix slide might able to add unsafe attribute on section tag which cause XSS ↵Wu Cheng-Han2016-11-261-0/+1
| | | | [Security Issue]
* Update to support summary tagWu Cheng-Han2016-10-291-0/+2
|
* More function expose workaround for reveal-markdown.jsYukai Huang2016-10-101-0/+1
|
* Resolve dependency module requiringYukai Huang2016-10-081-1/+5
| | | | | | | | * es5 style module exports * remove script tag require * webpack config ProvidePlugin Note that this commit only fix JavaScript module loading runtime error.
* Update to support data uri in src attribute of image tagWu Cheng-Han2016-08-151-0/+6
|
* Update XSS policy to allow iframe and link with custom protocolWu Cheng-Han2016-08-141-10/+19
|
* Update filter XSS to allow attr href starts with '.' or '/'Cheng-Han, Wu2016-04-201-0/+6
|
* Fix XSS HTML replace might get wrong on the HTML comments in the code tagsCheng-Han, Wu2016-04-201-0/+4
|
* Fixed filter XSS should allow ordered list specify start numberCheng-Han, Wu2016-03-041-0/+4
|
* Support kbd tagCheng-Han, Wu2016-02-221-1/+1
|
* Updated to support html comment tag in XSSCheng-Han, Wu2016-02-161-1/+2
|
* Updated XSS filter options to allow style tag and style attributeCheng-Han, Wu2016-02-111-11/+21
|
* Fixed prevent XSS might break lots of tags and only need after renderedCheng-Han, Wu2016-02-111-0/+13