Andreas/siyuan
1
0
Fork 0
mirror of https://github.com/siyuan-note/siyuan.git synced 2026-02-03 22:21:48 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

🎨 Do not execute scripts in HTML blocks by default to prevent XSS https://github.com/siyuan-note/siyuan/issues/11172

Browse source
This commit is contained in:
Daniel 2024-04-27 23:01:31 +08:00
parent 239a1434e1
commit 34caeb5871
No known key found for this signature in database
GPG key ID: 86211BA83DF03017
10 changed files with 39 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

1
kernel/conf/editor.go
View file

@ -19,6 +19,7 @@ package conf
import "github.com/siyuan-note/siyuan/kernel/util"
type Editor struct {
AllowHTMLBLockScript bool `json:"allowHTMLBLockScript"` // 允许执行 HTML 块内脚本
FontSize int `json:"fontSize"` // 字体大小
FontSizeScrollZoom bool `json:"fontSizeScrollZoom"` // 字体大小是否支持滚轮缩放
FontFamily string `json:"fontFamily"` // 字体