marcel/mermaid
1
0
Fork 0
mirror of https://github.com/mermaid-js/mermaid.git synced 2025-09-16 13:59:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'sidv/typescript' of https://github.com/mermaid-js/mermaid into sidv/typescript

Browse Source 
* 'sidv/typescript' of https://github.com/mermaid-js/mermaid:
  Update src/config.ts
This commit is contained in:
Sidharth Vinod
2022-08-23 21:35:43 +05:30
parent 32ba2d5ffe 0e0802a588
commit a8042f622f
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/config.ts
View File

@@ -151,7 +151,7 @@ export const getConfig = (): MermaidConfig => {
*/ */
export const sanitize = (options: any) => { export const sanitize = (options: any) => {
// Checking that options are not in the list of excluded options // Checking that options are not in the list of excluded options
siteConfig.secure?.forEach((key) => { ['secure', ...(siteConfig.secure ?? [])].forEach((key) => {
if (typeof options[key] !== 'undefined') { if (typeof options[key] !== 'undefined') {
// DO NOT attempt to print options[key] within `${}` as a malicious script // DO NOT attempt to print options[key] within `${}` as a malicious script
// can exploit the logger's attempt to stringify the value and execute arbitrary code // can exploit the logger's attempt to stringify the value and execute arbitrary code