New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: avoid eval string when putting back parsed string of mermaid #1633

Merged

Yukaii merged 3 commits into develop from bugfix/fix-mermaid-render-xss

Dec 25, 2020

Commits on Dec 21, 2020

fix: avoid eval string when putting back parsed string of mermaid
```
where has stored XSS issue

Signed-off-by: Max Wu <[email protected]>
```
jackycute committed Dec 21, 2020
Configuration menu
View commit details

Copy full SHA for 8d9a9ab

Browse repository at this point
Copy the full SHA

8d9a9ab View commit details

Browse the repository at this point in the history
fix: disable prefer-const lint rule for mermaid block text string
```
Signed-off-by: Max Wu <[email protected]>
```
jackycute committed Dec 21, 2020
Configuration menu
View commit details

Copy full SHA for 064dfb7

Browse repository at this point
Copy the full SHA

064dfb7 View commit details

Browse the repository at this point in the history
fix: properly validate mermaid syntax and handle parse error
```
Signed-off-by: Max Wu <[email protected]>
```
jackycute committed Dec 21, 2020
Configuration menu
View commit details

Copy full SHA for 568355a

Browse repository at this point
Copy the full SHA

568355a View commit details

Browse the repository at this point in the history