textile-js icon indicating copy to clipboard operation
textile-js copied to clipboard
verified publisher icon borgar

Xss attack

Open kenshin1102 opened this issue 9 years ago • 1 comments

It have xss "google 2":javascript:alert('XSS')

kenshin1102 avatar Jul 26 '16 08:07 kenshin1102

It seems that marked solves this by blocking the URLs programatically: https://github.com/chjj/marked/commit/cd2f6f5b7091154c5526e79b5f3bfb4d15995a51

borgar avatar Apr 26 '17 17:04 borgar