search

SlatherOrg / slather

Generate test coverage reports for Xcode projects & hook it into CI.
MIT License
1.55k stars 236 forks source link

Update list.js #546

Closed AndriiZakhliupanyi closed 10 months ago

AndriiZakhliupanyi commented 12 months ago

Hello, i want to update list.js. Old list.js have issue: "The list.js package is vulnerable to Cross-Site Scripting (XSS) attacks. The add() function in index.js adds item objects to a list object without performing any checks in the contents being passed in the value parameter. An attacker who can supply input to the add() function could use it to store a malicious JavaScript payload. If the list object is then rendered in HTML, this would result in script execution."

I hope latest version fix it.

Update to version 2.3.1: https://raw.githubusercontent.com/javve/list.js/v2.3.1/dist/list.min.js

AndriiZakhliupanyi commented 11 months ago

@ksuther Hi! Can you review PR?

ksuther commented 10 months ago

Thanks for the PR!