GitHub/Anki
1
0
Fork 0
mirror of https://github.com/ankitects/anki.git synced 2025-09-18 14:02:21 -04:00
Code Issues Projects Releases Packages 1 Wiki Activity Actions
Anki/ts/editor
History
Damien Elmes bfc87c0427 Use CSP to block inline JS content in editor (#3939) 
* Revert "Sanitize field content in editor"

This reverts commit 1c156905f8.

* Use CSP to block inline JS content in editor

This blocks inline scripts, scripts in the media folder, and
handlers like onclick in the editor. This is nicer than the previous
solution - it doesn't make any permanent changes, and leaves other
content like SVGs alone. Thanks to Nil Admirari for the suggestion.

(cherry picked from commit ddb8573e8d)
2025-04-23 16:23:18 +10:00
..
editor-toolbar Fix editor loses focus when toggling list if list item empty (#3483) 2024-10-16 00:38:35 +10:00
image-overlay Update to stable Svelte 5 release (#3513) 2024-10-26 18:21:45 +10:00
mathjax-overlay Update to Svelte 5 (#3292) 2024-09-25 18:49:07 +10:00
plain-text-input Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
rich-text-input Reduce use of type casting (#3723) 2025-01-12 20:05:05 +11:00
base.ts Update to Svelte 5 (#3292) 2024-09-25 18:49:07 +10:00
BrowserEditor.svelte Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
change-timer.ts Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
ClozeButtons.svelte Revert "Revert "Revert "Preserve HTML formatting inside clozes (#3038)""" 2024-05-17 11:51:09 +07:00
code-mirror.ts Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
CodeMirror.svelte Update to Svelte 5 (#3292) 2024-09-25 18:49:07 +10:00
CollapseBadge.svelte Update dprint (#3376) 2024-08-22 18:24:56 +07:00
CollapseLabel.svelte Fix remaining accessibility warnings (#3241) 2024-07-10 19:55:08 +07:00
decorated-elements.ts Move away from Bazel (#2202) 2022-11-27 15:24:20 +10:00
destroyable.ts Re-enable formatting for .ts files 2022-11-28 09:33:04 +10:00
DuplicateLink.svelte Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
EditingArea.svelte Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
editor-base.scss Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
EditorField.svelte Fix remaining accessibility warnings (#3241) 2024-07-10 19:55:08 +07:00
FieldDescription.svelte Re-enable formatting for .svelte files 2022-11-28 09:17:39 +10:00
Fields.svelte Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
FieldState.svelte Field redesign (#2002) 2022-08-19 10:02:28 +10:00
HandleBackground.svelte Update to Svelte 5 (#3292) 2024-09-25 18:49:07 +10:00
HandleControl.svelte Update to Svelte 5 (#3292) 2024-09-25 18:49:07 +10:00
HandleLabel.svelte Move away from Bazel (#2202) 2022-11-27 15:24:20 +10:00
helpers.ts Refactor plain/rich text input toggling code; fix focus loss (#2479) 2023-04-22 16:08:25 +10:00
index.ts Merge the separate editor index files 2023-07-03 17:24:27 +10:00
LabelContainer.svelte Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
LabelName.svelte Editor Field Descriptions (#1476) 2021-11-06 09:42:48 +10:00
legacy.scss Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
NoteCreator.svelte Re-enable formatting for .svelte files 2022-11-28 09:17:39 +10:00
NoteEditor.svelte Use CSP to block inline JS content in editor (#3939) 2025-04-23 16:23:18 +10:00
Notification.svelte Introduce new color palette using Sass maps (#2016) 2022-09-16 14:11:18 +10:00
old-editor-adapter.ts Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
PlainTextBadge.svelte Fix remaining accessibility warnings (#3241) 2024-07-10 19:55:08 +07:00
PreviewButton.svelte Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
ReviewerEditor.svelte Use eslint for sorting our imports (#1637) 2022-02-04 18:36:34 +10:00
RichTextBadge.svelte Fix remaining accessibility warnings (#3241) 2024-07-10 19:55:08 +07:00
StickyBadge.svelte Fix remaining accessibility warnings (#3241) 2024-07-10 19:55:08 +07:00
surround.ts Switch to SvelteKit (#3077) 2024-03-31 09:16:31 +01:00
types.ts Propagate editor UI state transitions to add-ons (#2711) 2023-10-13 08:47:50 +10:00