toyplot icon indicating copy to clipboard operation
toyplot copied to clipboard

Published 20 hours ago verified publisher icon sandialabs

Fix XSS vulnerability in inline scripts (Issue #218)

Open garland3 opened this issue 2 months ago • 0 comments

Summary

  • escape literal sequences in generated inline JavaScript to block injection
  • add a unittest-based test suite with coverage for the escaping behavior
  • hook the new tests into CI via the existing GitHub Actions workflow

Testing

  • ./tests/run_tests.sh

garland3 avatar Sep 27 '25 23:09 garland3