diff options
| author | Yarden Shoham <git@yardenshoham.com> | 2024-03-16 15:25:27 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-03-16 13:25:27 +0000 |
| commit | f9b4efd42c17d7f75b689142b17575a478fe903c (patch) | |
| tree | 018f25d2888e35a6d9975c1828e788cf2206d512 /.eslintrc.yaml | |
| parent | c6e5ec51bd5d2d3ede30b7506e7cc47f18a49ca8 (diff) | |
| download | gitea-f9b4efd42c17d7f75b689142b17575a478fe903c.tar.gz gitea-f9b4efd42c17d7f75b689142b17575a478fe903c.zip | |
Forbid HTML injection using jQuery (#29843)
See
https://github.com/wikimedia/eslint-plugin-no-jquery/blob/master/docs/rules/no-append-html.md
Tested the following components and they work as before:
- notification table
- issue author dropdown
- comment edit box attachments div
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: Giteabot <teabot@gitea.io>
Diffstat (limited to '.eslintrc.yaml')
| -rw-r--r-- | .eslintrc.yaml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/.eslintrc.yaml b/.eslintrc.yaml index 5f291f13e7..0003ba95e1 100644 --- a/.eslintrc.yaml +++ b/.eslintrc.yaml @@ -400,7 +400,7 @@ rules: no-jquery/no-and-self: [2] no-jquery/no-animate-toggle: [2] no-jquery/no-animate: [2] - no-jquery/no-append-html: [0] + no-jquery/no-append-html: [2] no-jquery/no-attr: [0] no-jquery/no-bind: [2] no-jquery/no-box-model: [2] |