jQuery DataTables is out of date

ig3 / zhongwen

A fork of the "Zhongwen" extension modified to support content in iframes.

https://chrome.google.com/webstore/detail/zhongwen-chinese-english/kkmlkkjojmombglmlpbpapmhcaljjkde

GNU General Public License v2.0

0 stars 0 forks source link

jQuery DataTables is out of date #1

Open ig3 opened 1 year ago

ig3 commented 1 year ago

The add-on includes DataTables version 1.10.19 but current version is 1.13.1.

Mozilla flagged DataTables for insecurely setting innerHTML. It might be a good idea to update DataTables.

For example:

Unsafe assignment to innerHTML

Warning: Due to both security and performance concerns, this may not be set using dynamic values which have not been adequately sanitized. This can lead to security issues or fairly serious performance degradation.

js/jquery.dataTables.min.js line 22 column 115

ig3 commented 1 year ago

DataTables is used to present the word list. Usage appears to be limited to wordlist.html / js/wordlist.js. Usage appears quite basic. Probably not adversely impacted by changes to 1.13.1.

A bootstrap integration is used (dataTables.bootstrap4.min.js).