mirror/tiptap
1
0
Fork 0
mirror of https://github.com/ueberdosis/tiptap.git synced 2024-12-01 01:19:03 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
04a11355a7
tiptap/tests/cypress/integration
History
Cameron Hessler 04a11355a7 fix(extension-youtube) XSS risk with src tag 
Fixes risks outline in #4600 by verifying that any src urls are valid
youtube URLs before rendering as HTML. My thoughts are that this attack
vector would be difficult to use because the attacker would have to have
a way to manipualte the TipTap payload in a manner that bypasses the
youtube extension's `setYoutubeVideo` command, which already checks for
valid URLs.
2023-11-20 18:48:22 +01:00
..
core fix(core) Nested chain not preserving dispatch state (#4152) 2023-07-07 11:20:29 +02:00
extensions fix(extension-youtube) XSS risk with src tag 2023-11-20 18:48:22 +01:00
html add precommit hook for linting and automatic eslint fixes + update eslint packages (#2862) 2022-06-08 14:10:25 +02:00