661d3d28e9
In the case of misuse or misunderstanding from a developer whereby, if `sel` can receive user-controlled data, jQuery `$(sel)` can lead to the creation of a new element. Current usage is using hard-coded selectors in the templates, but nobody prevents that from expanding to user-controlled somehow. |
||
---|---|---|
.. | ||
comp | ||
admin-common.js | ||
admin-emails.js | ||
admin-users.js | ||
clipboard.js | ||
codeeditor.js | ||
colorpicker.js | ||
common-global.js | ||
common-issue.js | ||
common-organization.js | ||
contextpopup.js | ||
dropzone.js | ||
emoji.js | ||
eventsource.sharedworker.js | ||
heatmap.js | ||
imagediff.js | ||
install.js | ||
notification.js | ||
org-team.js | ||
repo-branch.js | ||
repo-code.js | ||
repo-commit.js | ||
repo-common.js | ||
repo-diff.js | ||
repo-editor.js | ||
repo-graph.js | ||
repo-home.js | ||
repo-issue-content.js | ||
repo-issue.js | ||
repo-legacy.js | ||
repo-migrate.js | ||
repo-migration.js | ||
repo-projects.js | ||
repo-release.js | ||
repo-settings.js | ||
repo-template.js | ||
repo-unicode-escape.js | ||
repo-wiki.js | ||
serviceworker.js | ||
sshkey-helper.js | ||
stopwatch.js | ||
tablesort.js | ||
tribute.js | ||
user-auth-webauthn.js | ||
user-auth.js | ||
user-settings.js |