github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-02-14 21:51:38 +00:00
Code Issues Projects Releases Packages Wiki Activity
hedgedoc/public
History
David Mehren c32b1cf42b
Don't store mermaid diagrams in innerHTML 
Using jQuery's `.html()` method stores the given string as `innerHTML`, which enables injection of arbitrary DOM elements.
Using `.text()` instead mitigates this issue.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-12-27 10:14:27 +01:00
..
banner
css Fix image width on mobile view for front page 2020-11-16 08:52:56 +01:00
docs Add note about X-Forwarded-Proto to 1.7.0 release notes 2020-12-21 21:35:49 +01:00
fonts
icons apply review suggestions 2020-11-15 20:12:39 +01:00
js Don't store mermaid diagrams in innerHTML 2020-12-27 10:14:27 +01:00
uploads
vendor
views Merge pull request #599 from hedgedoc/fix/icons 2020-11-27 21:06:07 +01:00
.eslintrc.js
default.md
screenshot.png Updated screenshot 2020-11-17 11:13:58 +01:00