mirror of
https://github.com/mermaid-js/mermaid.git
synced 2025-09-13 04:19:44 +02:00
Sanitizsation of incoming variables that are added to the userStyles
This commit is contained in:
@@ -385,6 +385,8 @@ const render = function (id, _txt, cb, container) {
|
||||
|
||||
let userStyles = '';
|
||||
// user provided theme CSS
|
||||
// If you add more configuration driven data into the user styles make sure that the value is
|
||||
// sanitized bye the santiizeCSS function
|
||||
if (cnf.themeCSS !== undefined) {
|
||||
userStyles += `\n${cnf.themeCSS}`;
|
||||
}
|
||||
|
Reference in New Issue
Block a user