Andreas/siyuan
1
0
Fork 0
mirror of https://github.com/siyuan-note/siyuan.git synced 2026-02-16 12:08:07 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

🎨 Do not execute scripts in HTML blocks by default to prevent XSS https://github.com/siyuan-note/siyuan/issues/11172

Browse source
This commit is contained in:
Daniel 2024-04-27 23:01:31 +08:00
parent 239a1434e1
commit 34caeb5871
No known key found for this signature in database
GPG key ID: 86211BA83DF03017
10 changed files with 39 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
app/src/types/config.d.ts vendored
View file

@ -306,6 +306,11 @@ declare namespace Config {
*/
export interface IEditor {
/**
* Whether to allow to execute javascript in the HTML block
*/
allowHTMLBLockScript: boolean;
/**
* Markdown configuration
*/