GitHub/Anki
1
0
Fork 0
mirror of https://github.com/ankitects/anki.git synced 2025-09-18 14:02:21 -04:00
Code Issues Projects Releases Packages 1 Wiki Activity Actions
Anki/ts/lib/domlib
History
Damien Elmes ddb8573e8d
Use CSP to block inline JS content in editor (#3939) 
* Revert "Sanitize field content in editor"

This reverts commit 1c156905f8.

* Use CSP to block inline JS content in editor

This blocks inline scripts, scripts in the media folder, and
handlers like onclick in the editor. This is nicer than the previous
solution - it doesn't make any permanent changes, and leaves other
content like SVGs alone. Thanks to Nil Admirari for the suggestion.
2025-04-23 16:21:48 +10:00
..
location Reduce use of type casting (#3723) 2025-01-12 20:05:05 +11:00
surround Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
content-editable.ts Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
find-above.ts Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
index.ts Use CSP to block inline JS content in editor (#3939) 2025-04-23 16:21:48 +10:00
move-nodes.ts Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
place-caret.ts Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00