google-gemini / generative-ai-js

The official Node.js / Typescript library for the Google Gemini API
https://www.npmjs.com/package/@google/generative-ai
Apache License 2.0
507 stars 97 forks

{patch} DOM text reinterpreted as HTML Added encodeURIComponent #91

Closed Shivam7-1 closed 2 months ago

Shivam7-1 commented 2 months ago

By using encodeURIComponent(), it will prevent the risk of unintended interpretation of special characters in the URL construction. This method automatically encodes special characters, ensuring that they are treated as part of the URL string rather than being interpreted as HTML or JavaScript code. This helps prevent potential security vulnerabilities, such as injection attacks or unexpected behavior, by encoding the input as part of the URL path.
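
What percent-encoding does to a value placed in a URL path, as an added example that is not code from this PR or from the SDK samples; the endpoint, function names and inputs are constructed. It also contrasts URL encoding with HTML escaping, which is a separate transformation.

```javascript
// Added example; the endpoint, function names and inputs are constructed.
const BASE = "https://api.example.test/v1/models/"; // hypothetical endpoint

// Raw concatenation: "/", "?", "#" and ".." in the value reshape the URL.
function buildUrlRaw(model) {
  return new URL(BASE + model + ":generate");
}

// Percent-encoding keeps the whole value inside a single path segment.
function buildUrlEncoded(model) {
  return new URL(BASE + encodeURIComponent(model) + ":generate");
}

// What the URL parser actually sees after construction.
function describe(url) {
  return { path: url.pathname, query: url.search, hash: url.hash };
}

// URL encoding is not HTML escaping: ' ( ) ! * ~ pass through unchanged,
// so a value headed for markup still needs escaping for that context.
const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (c) => HTML_ENTITIES[c]);
}

const constructed = "../admin?key=1#x"; // constructed input with URL metacharacters
console.log("raw    ", describe(buildUrlRaw(constructed)));
console.log("encoded", describe(buildUrlEncoded(constructed)));
console.log("url-enc", encodeURIComponent("it's <b>"));
console.log("html   ", escapeHtml("it's <b>"));
```

When the value is only displayed in a page rather than placed in a URL, assigning it through `textContent` avoids HTML parsing altogether.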

changeset-bot[bot] commented 2 months ago

⚠️ No Changeset found

Latest commit: 382d4f1f4748609780ce05fe4273e3cfeb4888d5

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets. When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types.


Shivam7-1 commented 2 months ago

Hi @hsubox76, could you please review this PR? Thanks.

hsubox76 commented 2 months ago

This file isn't part of our source code; it's in the samples directory as an example snippet of how to use the SDK. The parts that are unrelated to usage of the SDK are kept as simple as possible since that's not what the sample is meant to focus on.