hedgedoc

mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-13 06:34:39 -04:00

History

Erik Michelson 0636b5c20b refactor: use iframes for gist embedding instead of gist-embed The used library gist-embed relies on GitHub Gist's JSONP endpoint which is a risk for XSS injection. By adding untrusted content from GitHub into the DOM it also follows very bad practises. Using the iframe embedding has the disadvantage of not having the proper height for the frame auto-loaded, but the security benefits are worth it. Signed-off-by: Erik Michelson <github@erik.michelson.eu>		2025-04-10 00:21:55 +02:00
..
lib	chore(eslint): add missing global comments	2025-02-01 22:15:54 +01:00
cover.js	chore(eslint): remove deprecated eslint-env	2025-02-01 22:15:54 +01:00
extra.js	refactor: use iframes for gist embedding instead of gist-embed	2025-04-10 00:21:55 +02:00
fix-aria-hidden-for-modals.js	Force change of aria-hidden when modal shows or hides	2022-04-03 22:52:53 +02:00
history.js	chore(eslint): remove deprecated eslint-env	2025-02-01 22:15:54 +01:00
htmlExport.js	refactor: use iframes for gist embedding instead of gist-embed	2025-04-10 00:21:55 +02:00
index.js	chore(eslint): remove deprecated eslint-env	2025-02-01 22:15:54 +01:00
locale.js	chore(eslint): remove deprecated eslint-env	2025-02-01 22:15:54 +01:00
mathjax-config-extra.js	Fix MathJax config not being picked up	2017-10-22 02:48:24 +02:00
pretty.js	chore(eslint): remove deprecated eslint-env	2025-02-01 22:15:54 +01:00
render.js	chore(eslint): remove deprecated eslint-env	2025-02-01 22:15:54 +01:00
reveal-markdown.js	chore(eslint): remove deprecated eslint-env	2025-02-01 22:15:54 +01:00
slide.js	chore(eslint): remove deprecated eslint-env	2025-02-01 22:15:54 +01:00
utils.js	Linter: Fix all lint errors	2021-02-15 12:15:14 +01:00