Fix XSS / Merge Error - Githubissues

jsvine / notebookjs

Render Jupyter/IPython notebooks on the fly, in the browser. (Or on the command line, if you'd like.)

MIT License

274 stars 48 forks source link

Fix XSS / Merge Error #52

Closed roman-mibex-2 closed 8 months ago

roman-mibex-2 commented 8 months ago

The indent was to fix the XSS in display.latex function. However, while reworking the pull request, the original line didn't get removed, still leaving the XSS vulnerability.

Remove the .innerHTML as intended

roman-mibex-2 commented 8 months ago

Thanks for the patience with my PRs. I introduced the error in the previous PR #48 when handling the difference between our local patched version and this upstream repo =(.

jsvine commented 8 months ago

Thanks; merged and released.