marcel/mermaid
1
0
Fork 0
mirror of https://github.com/mermaid-js/mermaid.git synced 2025-10-02 13:49:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix for issue with backticks in ids in classDiagrams

Browse Source
This commit is contained in:
Knut Sveidqvist
2023-09-29 13:38:00 +02:00
parent f96d351fdc
commit 47acc1e423
21 changed files with 305 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
cypress/platform/xss5.html
View File

@@ -42,6 +42,16 @@
font-size: 72px;
}
</style>
<script>
function xssAttack() {
const div = document.createElement('div');
div.id = 'the-malware';
div.className = 'malware';
div.innerHTML = 'XSS Succeeded';
document.getElementsByTagName('body')[0].appendChild(div);
throw new Error('XSS Succeeded');
}
</script>
</head>
<body>
<div>Security check</div>
@@ -84,14 +94,6 @@
function callback() {
alert('It worked');
}
function xssAttack() {
const div = document.createElement('div');
div.id = 'the-malware';
div.className = 'malware';
div.innerHTML = 'XSS Succeeded';
document.getElementsByTagName('body')[0].appendChild(div);
throw new Error('XSS Succeeded');
}
let diagram = 'graph LR\n';
diagram += 'B-->D("<img onerror=location=`java';
// diagram += "script\u003aalert\u0028document.domain\u0029\` src=x>\"\);\n";