-
![2024-06-03-074241_253x93_scrot](https://github.com/iv-org/invidious/assets/161307814/9bc7d532-8d48-44cb-90ef-35b29cce21d9)
![2024-06-03-074153_840x130_scrot](https://github.com/iv-org/invidious/a…
-
I want to be able to render an anchor tag with an onclick attribute that executes some javascript. This was possible before version 6.11.4, but was changed in [this PR](https://github.com/quantizor/ma…
-
this is probably causing some glitch for a lot of people whenever their errors contain content that could be interpreted as html tags.
-
### Is it an issue related to Adaptive Cards?
No
### Is this an accessibility issue?
No
### What version of Web Chat are you using?
Latest production
### Which distribution are you using Web Cha…
-
There are many places that accept v-html input and the input isn't sanitized for xss attacks, we leave this to the user. I think we should remove all the v-html places since we have slots everywhere t…
-
This was a library that was brought in for displaying ANSI color codes in the build detail command output. It is currently unused, but was loaded async previously. It seems we could use this for notif…
-
Not really sure if this is something Staticman should handle or not, but putting this out there.
I recently was made aware that arbitrary HTML could be passed in my comments. Which basically means …
-
Reference
https://github.com/cure53/DOMPurify
-
Hi!
During the penetration testing of DokuWiki, i've identified some vulnerabilities. These vulnerabilities are primarily related to Cross-Site Scripting (XSS) – which would be the A03:2021 – Injec…
-
Once Rails 3.0 officially drops, need to work out html sanitization behaviour to work same way.