jsonTreeViewer icon indicating copy to clipboard operation
jsonTreeViewer copied to clipboard
verified publisher icon summerstyle

Update rendering template to avoid potential XSS attack

Open kacrouse opened this issue 7 months ago • 0 comments

Prior to this change, HTML found in the displayed JSON key or value would be rendered. This would allow for a XSS attack if the JSON contained malicious HTML.

The fix leverages textContent to ensure any HTML is properly escaped.

kacrouse avatar Jun 06 '25 20:06 kacrouse