GitHub/Anki
1
0
Fork 0
mirror of https://github.com/ankitects/anki.git synced 2025-09-18 14:02:21 -04:00
Code Issues Projects Releases Packages 1 Wiki Activity Actions
Anki/ts
History
Damien Elmes bfc87c0427 Use CSP to block inline JS content in editor (#3939) 
* Revert "Sanitize field content in editor"

This reverts commit 1c156905f8.

* Use CSP to block inline JS content in editor

This blocks inline scripts, scripts in the media folder, and
handlers like onclick in the editor. This is nicer than the previous
solution - it doesn't make any permanent changes, and leaves other
content like SVGs alone. Thanks to Nil Admirari for the suggestion.

(cherry picked from commit ddb8573e8d)
2025-04-23 16:23:18 +10:00
..
editable Reduce use of type casting (#3723) 2025-01-12 20:05:05 +11:00
editor Use CSP to block inline JS content in editor (#3939) 2025-04-23 16:23:18 +10:00
html-filter Reduce use of type casting (#3723) 2025-01-12 20:05:05 +11:00
icons Move away from Bazel (#2202) 2022-11-27 15:24:20 +10:00
lib Use CSP to block inline JS content in editor (#3939) 2025-04-23 16:23:18 +10:00
mathjax Issue 2563 - remove mhchem (#3705) 2025-01-09 22:24:39 +11:00
reviewer Reduce use of type casting (#3723) 2025-01-12 20:05:05 +11:00
routes Further tweaks to easy days 2025-02-11 17:04:58 +07:00
src ts/src/app.html: Changed from favicon.png to favicon.ico (#3485) 2024-10-11 22:25:58 +10:00
tools Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
.gitignore Update eslint to 4.22.0 2021-04-22 19:19:39 +02:00
bundle_svelte.mjs Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
bundle_ts.mjs Add env var to enable sourcemaps 2022-12-04 11:37:16 +10:00
licenses.json Use CSP to block inline JS content in editor (#3939) 2025-04-23 16:23:18 +10:00
page.html Load page script after body created (#1802) 2022-04-19 17:16:56 +10:00
README.md add add.sh helper for adding dependency and updating licenses 2020-12-31 12:20:51 +10:00
svelte.config.js Fix import order 2024-05-17 17:11:28 +07:00
transform_ts.mjs Move away from Bazel (#2202) 2022-11-27 15:24:20 +10:00
tsconfig.json Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
tsconfig_legacy.json Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
vite.config.ts Update vitest and unpin vite 2024-10-26 18:41:59 +10:00
yarn.sh Fix yarn.sh failing with linked out folder 2023-03-31 13:08:59 +10:00

README.md

Anki's TypeScript and Sass dependencies. Some TS/JS code is also stored separately in ../qt/aqt/data/web/.

To update all dependencies:

./update.sh

To add a new dev dependency, use something like:

./add.sh -D @rollup/plugin-alias