8000 need to use jquery-i18next in popover content formatter by smallst · Pull Request #7782 · codecombat/codecombat · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

need to use jquery-i18next in popover content formatter #7782

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Oct 23, 2024
Merged

need to use jquery-i18next in popover content formatter #7782

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions app/views/play/level/tome/DocFormatter.coffee
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -201,6 +201,7 @@ module.exports = class DocFormatter
if language is @options.language then return text
if language is 'javascript' and @options.language in ['java', 'cpp'] then return text
return ''
$("<div>#{content}</div>").i18n().html()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Ensure content is properly sanitized to prevent XSS vulnerabilities

Wrapping content in a <div> and then applying .i18n().html() may introduce XSS risks if content contains unescaped user-generated input. Please ensure that content is properly sanitized before inserting it into the DOM to prevent potential security issues.


replaceSpriteName: (s) ->
# Prefer type, and excluded the quotes we'd get with @formatValue
Expand Down
Loading
0