mirror of
1
Fork 0
forgejo/web_src/js
Gusted d8a8961b99
Sanitize user-input on file name (#17666)
* Sanitize user-input on file name

- Sanitize user-input before it get passed into the DOM.
- Prevent things like "<iframe onload=alert(1)></iframe>" from being
executed. This isn't a XSS attack as the server seems to be santizing
the path as well.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-17 18:08:25 +00:00
..
components Frontend refactor, PascalCase to camelCase, remove unused code (#17365) 2021-10-21 15:37:43 +08:00
features Sanitize user-input on file name (#17666) 2021-11-17 18:08:25 +00:00
markup Add copy button to markdown code blocks (#17638) 2021-11-16 16:16:05 +08:00
standalone docs: swagger show models by default (#14880) 2021-03-07 22:19:14 +01:00
vendor Restore Accessibility for Dropdown (#16576) 2021-08-06 01:16:24 +03:00
easymde.js Switch from SimpleMDE to EasyMDE (#13333) 2020-11-10 14:16:30 -05:00
index.js Improve async/await usage, and sort init calls in `index.js` (#17386) 2021-11-09 17:27:25 +08:00
jquery.js Upgrade jQuery to 3.5.0, remove jQuery-Migrate, fix deprecations (#11055) 2020-04-18 18:46:29 -04:00
publicpath.js Frontend refactor, PascalCase to camelCase, remove unused code (#17365) 2021-10-21 15:37:43 +08:00
serviceworker.js Fix serviceworker output file and misc improvements (#11562) 2020-05-24 08:36:40 +01:00
svg.js Add copy button to markdown code blocks (#17638) 2021-11-16 16:16:05 +08:00
svg.test.js Add copy button to markdown code blocks (#17638) 2021-11-16 16:16:05 +08:00
utils.js Fix context popup error (#17398) 2021-10-22 22:34:01 +08:00
utils.test.js Fix context popup error (#17398) 2021-10-22 22:34:01 +08:00