Discource-C/discourse
1
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-06 19:38:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
discourse/app/assets/javascripts/pretty-text/addon
History
Vinoth Kannan ded6ea66a5
FIX: skip iframe URLs with relative paths in pretty text sanitizer. (#21714) 
This commit prevents unallowed URLs in iframe src by adding a relative path like `https://bob.com/abc/def/../ghi`. Currently, the iframe linking to the site uses the current_user, not the post's author, so users who have no access to a certain path are not able to view anything they shouldn't.
2023-05-24 16:14:18 +05:30
..
emoji
DEV: Update javascript:update_constants rake task following template colocation (#20365)
2023-02-20 06:20:47 +03:00
engines
Revert "DEV: Add crossOrigin to video tag (#20617)" (#20624)
2023-03-09 16:20:35 -07:00
allow-lister.js
A11Y: Set role=presentation if alt attr is missing (#18546)
2022-10-12 14:07:37 +03:00
censored-words.js
DEV: Ensure censorFn copes with null regexpList (#17754)
2022-08-02 11:09:51 +01:00
emoji.js
FEATURE: Add an emoji deny list site setting (#20929)
2023-04-13 15:38:54 +08:00
guid.js
DEV: apply new coding standards (#10592)
2020-09-04 13:42:47 +02:00
highlightjs-aliases.js
DEV: Add support for aliases in HighlightJS languages (#20380)
2023-02-23 15:06:06 -05:00
inline-oneboxer.js
DEV: removes jquery usage from onebox (#14683)
2021-10-22 13:15:46 +02:00
mentions.js
FEATURE: Enforce mention limits for chat messages (#19034)
2022-12-06 14:54:04 -03:00
oneboxer-cache.js
DEV: removes jquery usage from onebox (#14683)
2021-10-22 13:15:46 +02:00
oneboxer.js
DEV: Introduce discourseLater (#17532)
2022-07-17 00:50:49 +02:00
pretty-text.js
FEATURE: Add an emoji deny list site setting (#20929)
2023-04-13 15:38:54 +08:00
sanitizer.js
FIX: skip iframe URLs with relative paths in pretty text sanitizer. (#21714)
2023-05-24 16:14:18 +05:30
upload-short-url.js
DEV: Rename secure_media to secure_uploads (#18376)
2022-09-29 09:24:33 +10:00