Strip HTML tags for gist id to avoid stored XSS on showing error [Security Issue] by jackycute · Pull Request #1691 · hackmdio/codimd
jackycute
changed the title
Escape gist id to avoid stored XSS on showing error [Security Issue]
Strip HTML tags for gist id to avoid stored XSS on showing error [Security Issue]
… [Security Issue] Signed-off-by: Max Wu <jackymaxj@gmail.com>
…ist show loading attrtributes Signed-off-by: Max Wu <jackymaxj@gmail.com>
Yukaii
deleted the
bugfix/fix-gist-id-stored-XSS
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters