1
0
mirror of https://github.com/laurent22/joplin.git synced 2024-12-27 10:32:58 +02:00
Commit Graph

24 Commits

Author SHA1 Message Date
Laurent Cozic
a7dddaf2c4 Desktop: Allow attaching a file from the Markdown editor for HTML notes 2023-10-31 16:53:47 +00:00
CptMeetKat
0320d9f479
Desktop: Fixes #8946: Whitelisted Joplin markdown links for copy pasting in WYSIWYG mode (#8972) 2023-10-05 11:49:25 +01:00
Laurent Cozic
13b7e3657b Merge branch 'release-2.12' into dev 2023-08-23 19:10:58 +01:00
Laurent Cozic
8696ae1bb6 Desktop: Fixes #8706: Pasting a resource in Rich Text editor breaks the resource link 2023-08-23 18:59:04 +01:00
Laurent Cozic
73eedd3ec3 Desktop: Fixes #8706: Pasting a resource in Rich Text editor breaks the resource link 2023-08-23 18:16:06 +01:00
Laurent Cozic
03f1d86531
Desktop: Resolves #8691: Improve pasting content from Word and Excel (#8705) 2023-08-21 18:37:33 +01:00
Henry Heino
7c52c3e9a8
Desktop: Security: Disallow map and area tags (#8479) 2023-07-15 11:56:12 +01:00
Laurent Cozic
dd6eec6a03 Tools: Apply rule @typescript-eslint/ban-types 2023-06-30 10:30:29 +01:00
Laurent Cozic
98440beffa All: Fixes #8286: Allow certain HTML anchor tags 2023-06-08 15:18:46 +01:00
Laurent Cozic
c89edd7b22 Tools: Implement "prefer-object-spread" eslint rule 2023-06-01 12:02:36 +01:00
Laurent Cozic
9e90d9016d All: Security: Prevent XSS by sanitizing certain HTML attributes 2023-05-19 11:00:31 +01:00
Laurent Cozic
caf66068bf Desktop, Mobile: Security: Disable SVG tag support in editor to prevent XSS 2023-05-17 16:00:24 +01:00
Laurent Cozic
8deba24d7d Chore: Improve TS types 2023-05-17 15:46:35 +01:00
Laurent Cozic
19bdda25c6 Desktop: Security: Prevent XSS and potential RCE when using a special HTML tag 2023-05-11 14:17:37 +01:00
Laurent Cozic
b26bc9ed5f Desktop: Security: Fixed possible XSS injection 2023-05-10 16:27:16 +01:00
Laurent Cozic
c1db7182ac Tools: Add class member accessibility modifiers and converted rule @typescript-eslint/explicit-member-accessibility to an error 2023-03-06 14:22:37 +00:00
Laurent Cozic
c990e81def Doc: Allow translating website 2022-11-22 18:17:24 +00:00
Laurent Cozic
8abdbfe2bd Fixed MdToHtml regression 2022-04-26 12:52:48 +01:00
Laurent Cozic
774c20772b Security: Fixed disallowed tag XSS 2022-04-25 17:18:27 +01:00
Laurent Cozic
810018b41f Desktop: Security: Fixes #6004: Prevent XSS in Goto Anything 2022-01-15 16:53:24 +00:00
Laurent Cozic
4deeed0d5c Desktop, Mobile: Fixes #5687: Fixed issue with parts of HTML notes not being displayed in some cases 2021-11-09 18:33:28 +00:00
Laurent Cozic
feaecf7653 Desktop, Mobile: Filter out form elements from note body to prevent potential XSS (thanks to Dmytro Vdovychinskiy for the PoC) 2021-06-11 20:17:45 +02:00
Laurent Cozic
9c20d5947d All: Security: Filter out NOSCRIPT tags that could be used to cause an XSS (thanks to Jubair Rehman for the PoC) 2021-05-10 11:22:12 +02:00
Laurent Cozic
d953f6bcab Desktop, Mobile: Fixes #4119: Fixed links imported from ENEX as HTML 2020-11-20 16:04:47 +00:00