mirror/tiptap
1
0
Fork 0
mirror of https://github.com/ueberdosis/tiptap.git synced 2025-01-24 02:23:18 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
04a11355a7
tiptap/tests/cypress
History
Cameron Hessler 04a11355a7 fix(extension-youtube) XSS risk with src tag 
Fixes risks outline in #4600 by verifying that any src urls are valid
youtube URLs before rendering as HTML. My thoughts are that this attack
vector would be difficult to use because the attacker would have to have
a way to manipualte the TipTap payload in a manner that bypasses the
youtube extension's `setYoutubeVideo` command, which already checks for
valid URLs.
2023-11-20 18:48:22 +01:00
..
fixtures move tests 2020-04-17 13:05:43 +02:00
integration fix(extension-youtube) XSS risk with src tag 2023-11-20 18:48:22 +01:00
plugins React context implementation for Tiptap (#4192) 2023-07-11 18:20:43 +02:00
support Require file extensions for imports and exports (#4001) 2023-06-30 21:03:49 +02:00
tsconfig.json React context implementation for Tiptap (#4192) 2023-07-11 18:20:43 +02:00