-
It's not possible to add a protocol-relative URL in the src attribute from script tag.
At naughtyHref function it is handled, but after that this code is executed:
const parsed = new URL(value);…
-
In `modules/@apostrophecms/i18n/i18n/en.json`
```
"takeActionAndCreateNew": "{{ saveLabel }} and View",
"takeActionAndView": "{{ saveLabel }} and View",
```
`takeActionAndCreateNew` should …
-
## The problem to solve
Is your feature request related to a problem you are experiencing that is *not* a bug? Please describe.
> A clear and concise description of what the problem is. Ex: "Whe…
-
I'm trying to sanitize a string that is provided as data for xml-configurator, this data is in the form of { key:value} and it's applied among the xml so it can make some xss attacks.
I made some t…
-
## The problem to solve
I would like the sanitised string to be displayed exactly as input. Discarding text is not helpful, as it will be missing.
`options.disallowedTagsMode = 'recursiveEscape'` …
-
I would like to re-open the topic of declarative Shadow DOM. This has been discussed in the past, [here on WHATWG](https://github.com/whatwg/dom/issues/510), in W3C [here](https://github.com/w3c/webco…
-
Step :
1. i am using apostrophe version 3 and i want to use as a headless cms
2. set option:csrf to false modules\@apostrophecms\express\index.js , like this:
![image](https://user-images.gi…
-
I've been noticing something weird in this orgs repos. I find a commit like "bumps package version" but the commit is not tagged with the version number, and the new version is not published to npm.
…
-
## To Reproduce
I started from the out-of-the-box a3-boilerplate project, then used the following piece-type :
```javascript
module.exports = {
extend: "@apostrophecms/piece-type",
optio…
-
### Contact Details
_No response_
### What happened?
When inserting a tag into a page after page load - the other tags do not render.
Reported first - [Is there a way to get an existing …