opensourcemirror
/
CodeMirror
mirror of https://github.com/codemirror/CodeMirror.git
1
0
Fork 0
Code Issues Releases Wiki Activity
CodeMirror/addon/tern
History
Bjarki Ágúst Guðmundsson a6fdd560c7
[tern addon] Make sure dialog text is HTML escaped 
This addresses a potential XSS vulnerability caused by tern's
construction of inline HTML where text input is not escaped, which is
then passed to the openDialog function for rendering. The construction
is replaced with an equivalent DOM fragment construction, which
the openDialog API also supports.

This is currently a blocker for CodeMirror users that want to enforce
Trusted Types in their web application.
 		2022-07-09 12:53:36 +02:00
..
tern.css [tern addon] Update CSS to prevent cutting off of icons 2015-07-13 12:41:16 +02:00
tern.js [tern addon] Make sure dialog text is HTML escaped 2022-07-09 12:53:36 +02:00
worker.js Adjust website and github links to include '5' 2022-06-08 09:58:57 +02:00