-
-
Notifications
You must be signed in to change notification settings - Fork 679
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merging fixes covering nesting-based mXSS into 3.x branch #943
Commits on Apr 16, 2024
-
docs: Updated README to be more accurate for Trusted Types use cases
Configuration menu - View commit details
-
Copy full SHA for 632f122 - Browse repository at this point
Copy the full SHA 632f122View commit details
Commits on Apr 23, 2024
-
Configuration menu - View commit details
-
Copy full SHA for c5369f2 - Browse repository at this point
Copy the full SHA c5369f2View commit details -
Configuration menu - View commit details
-
Copy full SHA for c725ce0 - Browse repository at this point
Copy the full SHA c725ce0View commit details -
Configuration menu - View commit details
-
Copy full SHA for f051738 - Browse repository at this point
Copy the full SHA f051738View commit details
Commits on Apr 24, 2024
-
fix: Added __depth field to sanitized DOM nodes for better tracking
test: Added tests to cover possible nesting-based mXSS on Blink & Webkit
Configuration menu - View commit details
-
Copy full SHA for ce799c3 - Browse repository at this point
Copy the full SHA ce799c3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 81d963c - Browse repository at this point
Copy the full SHA 81d963cView commit details -
fix: Added __depth tracking for ShadowDOM and template elements as well
fix: Set MAX_NESTING_DEPTH to 500 for good mesaure test: Added more tests to cover template element depth tracking
Configuration menu - View commit details
-
Copy full SHA for 4299c0a - Browse repository at this point
Copy the full SHA 4299c0aView commit details -
fix: Added experimental __depth increment for copied elements
test: Removed Firefox 60, added Firefox 125, Chrome 124
Configuration menu - View commit details
-
Copy full SHA for 65d35b8 - Browse repository at this point
Copy the full SHA 65d35b8View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6dbc2bd - Browse repository at this point
Copy the full SHA 6dbc2bdView commit details -
fix: added __removalCount to account for nodes removed from parents w…
…hen calculating depth test: added more nesting-based mXSS tests and clobbering tests for __removalCount
Configuration menu - View commit details
-
Copy full SHA for 813d065 - Browse repository at this point
Copy the full SHA 813d065View commit details
Commits on Apr 25, 2024
-
Merge pull request #941 from icesfont/fix/deep-nesting-mxss
fix: added __removalCount to account for nodes removed from parents w…
Configuration menu - View commit details
-
Copy full SHA for 1f494b9 - Browse repository at this point
Copy the full SHA 1f494b9View commit details -
Configuration menu - View commit details
-
Copy full SHA for ef4bbb4 - Browse repository at this point
Copy the full SHA ef4bbb4View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6e240ec - Browse repository at this point
Copy the full SHA 6e240ecView commit details -
Configuration menu - View commit details
-
Copy full SHA for 2a554b4 - Browse repository at this point
Copy the full SHA 2a554b4View commit details -
Merge pull request #942 from kyselberg/main
docs(README.md): correct hook name in example and remove misleading comment
Configuration menu - View commit details
-
Copy full SHA for c0d418c - Browse repository at this point
Copy the full SHA c0d418cView commit details