swagger-ui

kyy/swagger-ui

Fork 0

Commit Graph

Author	SHA1	Message	Date
Vladimir Gorej	a616cb471d	fix(Markdown): render markdown in more secure way This commit changes markdown sanitization behaviour in following way: class, style and data-* attributes are removed by default. These attributes open possible vulnerability vectors to attackers. The original behavior of sanitizer (before this commit) can be enabled by useUnsafeMarkdown configuration option. Use this configuration option with caution and only in cases when you know what you're doing.	2020-06-11 21:51:15 +02:00
kyle	f523ec40f0	housekeeping: reorganize and rewire Mocha tests (#5600 ) * move Mocha-run tests to `test/mocha` * fix relative paths * fix JSX test paths * update stagnated JSX tests * `test/setup.js` -> `test/mocha/setup.js` * use regex+globstar for test matching * remove `console.log`	2019-09-10 21:26:21 -07:00

Author

SHA1

Message

Date

Vladimir Gorej

a616cb471d

fix(Markdown): render markdown in more secure way

This commit changes markdown sanitization behaviour in following way:

class, style and data-* attributes are removed by default. These attributes
open possible vulnerability vectors to attackers.

The original behavior of sanitizer (before this commit) can be enabled by *useUnsafeMarkdown* configuration option.
Use this configuration option with caution and only in cases when you know
what you're doing.

2020-06-11 21:51:15 +02:00

kyle

f523ec40f0

housekeeping: reorganize and rewire Mocha tests (#5600 )

* move Mocha-run tests to `test/mocha`

* fix relative paths

* fix JSX test paths

* update stagnated JSX tests

* `test/setup.js` -> `test/mocha/setup.js`

* use regex+globstar for test matching

* remove `console.log`

2019-09-10 21:26:21 -07:00

2 Commits