github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-11-25 11:16:31 -05:00
Code Issues Projects Releases Packages Wiki Activity
hedgedoc/public
History
David Mehren c32b1cf42b
Don't store mermaid diagrams in innerHTML 
Using jQuery's `.html()` method stores the given string as `innerHTML`, which enables injection of arbitrary DOM elements.
Using `.text()` instead mitigates this issue.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-12-27 10:14:27 +01:00
..
banner Replace CodiMD with HedgeDoc 2020-11-14 21:18:36 +01:00
css Fix image width on mobile view for front page 2020-11-16 08:52:56 +01:00
docs Add note about X-Forwarded-Proto to 1.7.0 release notes 2020-12-21 21:35:49 +01:00
fonts Remove uesless executable permission for static files 2016-11-14 21:13:02 +08:00
icons apply review suggestions 2020-11-15 20:12:39 +01:00
js Don't store mermaid diagrams in innerHTML 2020-12-27 10:14:27 +01:00
uploads upload image to public/uploads 2016-11-14 16:45:57 +08:00
vendor Fix toolbar day mode 2019-05-12 20:15:46 +02:00
views Merge pull request #599 from hedgedoc/fix/icons 2020-11-27 21:06:07 +01:00
.eslintrc.js switching to eslint for code checking 2018-11-14 23:15:36 +01:00
default.md Removed unused note and set empty on default note, updated features note 2016-01-17 09:57:25 -06:00
screenshot.png Updated screenshot 2020-11-17 11:13:58 +01:00