marcel/mermaid
1
0
Fork 0
mirror of https://github.com/mermaid-js/mermaid.git synced 2025-11-03 20:34:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

#903 Allowing >,< and = characters in svg. Updating xss tests to handle both htmlLabels and non htmlLabels

Browse Source
This commit is contained in:
Knut Sveidqvist
2019-12-07 12:19:45 +01:00
parent 9fe0aa0604
commit c2e5e94b37
6 changed files with 34 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
cypress/platform/xss.html
View File

@@ -28,7 +28,10 @@
div.id = 'the-malware'
div.className = 'malware'
div.innerHTML = 'XSS Succeeded'
document.getElementsByTagName('body')[0].appendChild(div)
document.getElementsByTagName('body')[0].appendChild(div);
// const el = document.querySelector('.mermaid');
// el.parentNode.removeChild(el);
throw new Error('XSS Succeded');
}
</script>
</head>