halo/ui at 5aacd8a2522234289e9860e062c64d1330d44e37 - halo

History

Takagi 5aacd8a252 pref: editor iframe risk with src tag (#6150 ) #### What type of PR is this? /kind improvement /area editor /milestone 2.17.x #### What this PR does / why we need it: 在用户设置 iframe 相关的 src 时，检测设置的链接是否符合白名单。如果不符合则不允许设置。 see https://github.com/ueberdosis/tiptap/pull/5160 #### How to test it? 测试在 iframe 中的 src 输入 `javascript: alert("1")` 时是否会触发 javascript #### Does this PR introduce a user-facing change? ```release-note 处理默认编辑器中 iframe 标签的 src 属性可能存在的风险 ```		2024-06-26 10:24:50 +00:00
..
.changeset	Move folder console to ui	2024-02-02 22:22:51 +08:00
.husky	Fix the problem of being unable to commit (#5362 )	2024-02-18 08:00:16 +00:00
.vscode	chore: add vscode settings.json (#6151 )	2024-06-26 18:07:53 +08:00
console-src	feat: add batch setting for partial post fields (#6142 )	2024-06-26 09:58:50 +00:00
cypress	Move folder console to ui	2024-02-02 22:22:51 +08:00
docs	feat: add dynamic list input (#6146 )	2024-06-26 09:48:49 +00:00
packages	pref: editor iframe risk with src tag (#6150 )	2024-06-26 10:24:50 +00:00
public	Move folder console to ui	2024-02-02 22:22:51 +08:00
src	feat: add batch setting for partial post fields (#6142 )	2024-06-26 09:58:50 +00:00
uc-src	refactor: remove phone field for user form (#6139 )	2024-06-26 03:56:48 +00:00
.editorconfig	Move folder console to ui	2024-02-02 22:22:51 +08:00
.env.development	chore: remove unnecessary env (#6022 )	2024-05-30 08:31:16 +00:00
.env.production	chore: remove unnecessary env (#6022 )	2024-05-30 08:31:16 +00:00
.eslintrc.cjs	Generate API docs and regenerate API client (#5742 )	2024-04-19 02:34:07 +00:00
.gitignore	Move folder console to ui	2024-02-02 22:22:51 +08:00
.gitpod.yml	Move folder console to ui	2024-02-02 22:22:51 +08:00
.npmignore	Move folder console to ui	2024-02-02 22:22:51 +08:00
.npmrc	Move folder console to ui	2024-02-02 22:22:51 +08:00
.prettierignore	Generate API docs and regenerate API client (#5742 )	2024-04-19 02:34:07 +00:00
Makefile	Move folder console to ui	2024-02-02 22:22:51 +08:00
OWNERS	Move folder console to ui	2024-02-02 22:22:51 +08:00
README.md	chore: bump pnpm version to 9 (#5953 )	2024-05-21 03:24:45 +00:00
build.gradle	Refactor api client using separated OpenAPI groups	2024-06-25 12:31:25 +08:00
cypress.json	Move folder console to ui	2024-02-02 22:22:51 +08:00
env.d.ts	fix: FormKit code input type error (#5522 )	2024-03-18 08:24:08 +00:00
index.html	refactor: implementation of browser tab title (#5794 )	2024-04-25 03:43:10 +00:00
package.json	feat: add requests library as a global shared dependency	2024-06-25 12:31:44 +08:00
pnpm-lock.yaml	feat: add requests library as a global shared dependency	2024-06-25 12:31:44 +08:00
pnpm-workspace.yaml	Move folder console to ui	2024-02-02 22:22:51 +08:00
postcss.config.cjs	chore: bump vite to 5.x (#5920 )	2024-05-16 06:18:36 +00:00
prettier.config.cjs	chore: bump vite to 5.x (#5920 )	2024-05-16 06:18:36 +00:00
tailwind.config.cjs	chore: bump vite to 5.x (#5920 )	2024-05-16 06:18:36 +00:00
tsconfig.app.json	chore: bump vue related packages version (#5384 )	2024-02-22 03:12:07 +00:00
tsconfig.json	Move folder console to ui	2024-02-02 22:22:51 +08:00
tsconfig.node.json	chore: bump vite to 5.x (#5920 )	2024-05-16 06:18:36 +00:00
tsconfig.vitest.json	Move folder console to ui	2024-02-02 22:22:51 +08:00
vite.config.ts	chore: remove unnecessary env (#6022 )	2024-05-30 08:31:16 +00:00
vite.uc.config.ts	Add build script for ui project	2024-02-03 22:51:50 +08:00
vitest.config.ts	Add build script for ui project	2024-02-03 22:51:50 +08:00