CodeMirror

History

Bjarki Ágúst Guðmundsson 4ccf2bddfe [runmode addon] Use textContent instead of innerHTML to clear elements In general, assigning a plain string to the innerHTML property of an element can cause XSS vulnerabilities, and is thus considered as a violation by the Trusted Types web platform security mechanism. This commit addresses two such violations in CodeMirror by replacing them with semantically equivalent assignments to the textContent property. This is currently a blocker for CodeMirror users that want to enforce Trusted Types in their web application.	2022-07-09 12:54:38 +02:00
..
colorize.js	[runmode addon] Use textContent instead of innerHTML to clear elements	2022-07-09 12:54:38 +02:00
runmode.js	[runmode addon] Use textContent instead of innerHTML to clear elements	2022-07-09 12:54:38 +02:00

Bjarki Ágúst Guðmundsson 4ccf2bddfe

[runmode addon] Use textContent instead of innerHTML to clear elements

In general, assigning a plain string to the innerHTML property of an
element can cause XSS vulnerabilities, and is thus considered as a
violation by the Trusted Types web platform security mechanism. This
commit addresses two such violations in CodeMirror by replacing them
with semantically equivalent assignments to the textContent property.
This is currently a blocker for CodeMirror users that want to enforce
Trusted Types in their web application.

2022-07-09 12:54:38 +02:00

colorize.js

[runmode addon] Use textContent instead of innerHTML to clear elements

2022-07-09 12:54:38 +02:00

runmode.js

[runmode addon] Use textContent instead of innerHTML to clear elements

2022-07-09 12:54:38 +02:00