marcel/mermaid
1
0
Fork 0
mirror of https://github.com/mermaid-js/mermaid.git synced 2025-09-09 18:39:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

#4446 Updating the cleanup criteria

Browse Source
This commit is contained in:
Knut Sveidqvist
2023-06-01 16:30:57 +02:00
parent 0cd1c5de97
commit 7b6cb4f974
4 changed files with 95 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
cypress/integration/other/ghsa.spec.js
View File

@@ -1,4 +1,4 @@
import { urlSnapshotTest } from '../../helpers/util.js';
import { urlSnapshotTest, openURLAndVerifyRendering } from '../../helpers/util.js';
describe('CSS injections', () => {
it('should not allow CSS injections outside of the diagram', () => {
@@ -13,4 +13,11 @@ describe('CSS injections', () => {
flowchart: { htmlLabels: false },
});
});
it('should not allow manipulating styletags using arrowheads', () => {
openURLAndVerifyRendering('http://localhost:9000/xss23-css.html', {
logLevel: 1,
arrowMarkerAbsolute: false,
flowchart: { htmlLabels: true },
});
});
});