memos/web
andrigamerita d264f45979
fix: code blocks of unknown languages cause HTML injection (#3711)
* fix: code blocks of unknown languages cause HTML injection

A code block of unknown language (that is, a language not treated as special by Memos and not handled by highlight.js) should fall back on rendering its plaintext content. However, the content is never properly escaped before it is appended to the DOM, and thus any string that happens to contain HTML is unsafely rendered. This commit fixes the issue by ensuring that, when none of the previous cases handle the text, any HTML entities are escaped first.

* Update CodeBlock.tsx to conform to eslint
2024-07-19 08:32:58 +08:00
public chore: tweak memo view display 2024-03-13 22:30:59 +08:00
src fix: code blocks of unknown languages cause HTML injection (#3711) 2024-07-19 08:32:58 +08:00
.eslintrc.json chore: update eslint config 2024-02-04 22:52:47 +08:00
.gitignore fix: docker-compose.dev.yaml (#2695) 2024-01-02 18:33:19 +08:00
.prettierrc.js feat: add system service (#2083) 2023-08-05 21:30:23 +08:00
README.md chore: tweak readme 2024-02-23 08:25:54 +08:00
components.json chore: use popover for update tag view setting 2024-07-17 08:46:52 +08:00
index.html fix: initial gomark wasm 2024-02-01 19:39:41 +08:00
package.json chore: use popover for update tag view setting 2024-07-17 08:46:52 +08:00
pnpm-lock.yaml chore: use popover for update tag view setting 2024-07-17 08:46:52 +08:00
postcss.config.js
tailwind.config.js chore: use popover for update tag view setting 2024-07-17 08:46:52 +08:00
tsconfig.json refactor: update import prefix with alias (#1433) 2023-04-01 16:03:14 +08:00
vercel.json chore: add vercel.json 2024-02-05 00:01:31 +08:00
vite.config.ts refactor: implement s3 storage 2024-05-02 21:28:06 +08:00

README.md

The frontend of Memos