hedgedoc

History

Don't store mermaid diagrams in innerHTML

Using jQuery's `.html()` method stores the given string as `innerHTML`, which enables injection of arbitrary DOM elements.
Using `.text()` instead mitigates this issue.

Signed-off-by: David Mehren <git@herrmehren.de>

2020-12-27 10:14:27 +01:00

lib

Remove pdf export code

2020-11-26 21:09:23 +01:00

cover.js

Replace CodiMD with HedgeDoc

2020-11-14 21:18:36 +01:00

extra.js

Don't store mermaid diagrams in innerHTML

2020-12-27 10:14:27 +01:00

history.js

Fix eslint warnings

2019-05-31 00:30:29 +02:00

htmlExport.js

Use JavaScript Standard Style (part 2)

2017-03-09 02:41:05 +08:00

index.js

Remove reference to nonexisting DOM element

2020-11-27 19:24:43 +01:00

locale.js

Add config option for cookie SameSite policy

2020-08-27 02:04:49 +02:00

mathjax-config-extra.js

Fix MathJax config not being picked up

2017-10-22 02:48:24 +02:00

pretty.js

Fix eslint warnings

2019-05-31 00:30:29 +02:00

render.js

Don't accept sandbox attribute

2019-10-22 12:04:12 +02:00

reveal-markdown.js

Remove the xss library from webpack

2018-11-10 20:27:07 +01:00

slide.js

Fix eslint warnings

2019-05-31 00:30:29 +02:00

utils.js

Update to migrate note url in the history of browser storage and cookie

2018-03-03 16:26:19 +08:00