mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-14 15:14:56 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fix rendering might result XSS attribute on self closing tag [Security Issue]

Browse source
This commit is contained in:
Wu Cheng-Han 2017-03-14 16:27:55 +08:00
parent edb1b4aa0a
commit f491cdabc1
4 changed files with 20 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
public/js/slide.js
View file

@ -4,7 +4,7 @@
require('../css/extra.css')
require('../css/site.css')
import { md, updateLastChange, finishView } from './extra'
import { md, updateLastChange, removeDOMEvents, finishView } from './extra'
const body = $('.slides').text()
@ -109,6 +109,7 @@ function renderSlide (event) {
if (window.location.search.match(/print-pdf/gi)) {
const slides = $('.slides')
let title = document.title
removeDOMEvents(slides)
finishView(slides)
document.title = title
Reveal.layout()
@ -116,6 +117,7 @@ function renderSlide (event) {
const markdown = $(event.currentSlide)
if (!markdown.attr('data-rendered')) {
let title = document.title
removeDOMEvents(markdown)
finishView(markdown)
markdown.attr('data-rendered', 'true')
document.title = title