Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

added data: link fix to prevent xss #844

Merged
merged 1 commit into from
Jan 20, 2017
Merged

added data: link fix to prevent xss #844

merged 1 commit into from
Jan 20, 2017

Conversation

matt-
Copy link
Contributor

@matt- matt- commented Jan 19, 2017

No description provided.

@matt- matt- merged commit 8f9d0b7 into master Jan 20, 2017
@matt-
Copy link
Contributor Author

matt- commented Jan 25, 2017

@chjj I added this along the same lines as the javascript: xss. Can we version bump and push this?

@matt- matt- mentioned this pull request Jan 31, 2017
Closed
@paulirish
Copy link

Heya @matt-
Can we expect a version bump out soon? We're interested in this fix and would like to avoid depending on a specific github commit if possible. ;)

@paulirish paulirish mentioned this pull request Feb 14, 2017
Closed
@matt-
Copy link
Contributor Author

matt- commented Feb 14, 2017
edited
Loading

No idea thats up to @chjj. I personally would love to see a bump to get this resolved.

@paulirish
Copy link

k. thank you!

@chjj can you add the other contributors here to the npm package so they can publish as well?

@guypod
Copy link

guypod commented Feb 15, 2017

@paulirish note in the meantime you can also use a Snyk patch (see the bottom of https://snyk.io/vuln/npm:marked:20170112).

When we initially reported the problem it had no fix, but once Matt created a fix we captured it as a Snyk patch too. More about Snyk patches here: https://snyk.io/docs/security

@matt- matt- mentioned this pull request Mar 6, 2017
Closed
@zhangbobell
Copy link

Thank you very much to send this pull request, it's help me a lot!

@matt- matt- mentioned this pull request Mar 14, 2017
Closed
@matt- matt- mentioned this pull request Aug 2, 2017
Closed
@ankon ankon mentioned this pull request Nov 28, 2017
Closed
@joshbruce joshbruce mentioned this pull request Dec 5, 2017
Closed
@danielwpz danielwpz mentioned this pull request Feb 23, 2018
Merged
@dark-flames dark-flames mentioned this pull request Mar 21, 2018
Closed
@UziTech UziTech deleted the data_link_fix branch June 28, 2019 15:35
zhenalexfan pushed a commit to zhenalexfan/MarkdownHan that referenced this pull request Nov 8, 2021
@matt-
Merge pull request markedjs#844 from chjj/data_link_fix
2498312 
added data link fix to prevent xss
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@matt- @paulirish @guypod @zhangbobell