HomePhabricator

Play things safe when stripping HTML

Authored by Jdlrobson on Jun 29 2017, 5:46 PM.

Description

Play things safe when stripping HTML

Script and input tags if outputted by other extensions can
theoretically allow an XSS issue.

Just in case let's do this here.

Bug: T107206
Change-Id: I889f7827fb9084b7cf853a1843fdc48821237d65

Details

Committed
BawolffJun 30 2017, 12:16 PM
Parents
rETEXe31cf4734c9e: build: add grunt-contrib-jshint
Branches
Unknown
Tags
Unknown
References
REL1_29, refs/changes/90/362390/1
ChangeId
I889f7827fb9084b7cf853a1843fdc48821237d65