Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Sanitize HTML content in data-trix-* attributes #1149

Merged
merged 2 commits into from
May 1, 2024
Merged

Sanitize HTML content in data-trix-* attributes #1149

merged 2 commits into from
May 1, 2024
+22 −1

Conversation

afcapel
Copy link
Contributor

@afcapel afcapel commented May 1, 2024

Prevents XSS attacks by crafting a malicious HTML content in the data-trix-* attributes.

lewispb and others added 2 commits May 1, 2024 14:58
@lewispb @afcapel
Test attachment content is sanitized
1abe3d2
@afcapel
Sanitize HTML content in data-trix-* attributes
14bac18 
Prevents XSS attacks by crafting a malicious HTML content in the
data-trix-* attributes.
@afcapel afcapel requested a review from lewispb May 1, 2024 14:06
lewispb
lewispb approved these changes May 1, 2024
View reviewed changes
Copy link
Member

@lewispb lewispb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lovely, thanks for looking at this @afcapel

@afcapel afcapel merged commit 1a5c68a into main May 1, 2024
1 check passed
@afcapel afcapel deleted the paste-html-sanitize branch May 1, 2024 14:22
@afcapel afcapel mentioned this pull request May 14, 2024
Merged
@afcapel afcapel mentioned this pull request May 28, 2024
Merged
@xdmx xdmx mentioned this pull request Jun 11, 2024
Closed
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@lewispb lewispb lewispb approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@afcapel @lewispb