Fix code scanning alert - Unsafe jQuery plugin

cp-psource / pscp-forum

Ein einfaches Tool zum Erstellen eigener Foren, die direkt in jede Seite oder jeden Beitrag eingebettet werden können. / A simple tool for creating your own forums that can be embedded directly into any page or post.

0 stars 0 forks source link

Fix code scanning alert - Unsafe jQuery plugin #7

Closed Dernerd closed 1 year ago

Dernerd commented 1 year ago

Tracking issue for:

[ ] https://github.com/cp-psource/pscp-forum/security/code-scanning/6

Dernerd commented 1 year ago

// Linked elements or callback if (typeof fb.callback === 'object') { // Set background/foreground color var sanitizedColor = DOMPurify.sanitize(fb.color); // Sanitize the color input var backgroundColor = sanitizedColor ? sanitizedColor : '#FFF'; // Fallback to a default color if the input is empty or invalid $(fb.callback).css({ backgroundColor: backgroundColor, color: fb.hsl[2] > 0.5 ? '#000' : '#fff' }); }