Comments (5)
Sorry haven't been able to try this yet but I thought using .text()
was xss safe? I.E. $('body').text('<script>alert("hi")</script>');
just prints the text without running the script.
Are you saying to run $('<script>alert('test')</script>').textillate();
?
from textillate.
Go to your index.html and change the "Grumpy..." line to be
<li><script>alert("test");</script></li>
If your plugin doesn't run, there is no alert. If the plugin runs, it will cause the alert.
from textillate.
Was able to create fiddle showing the issue based on your info:
http://jsfiddle.net/jschr/Rfz2s/
Good catch, not sure exactly what's going yet as the plugin relies on being able to inject html but I'm looking into it.
from textillate.
Just committed a fix for this: 0a23e38
from textillate.
Tested, works, thanks!
from textillate.
Related Issues (20)
- textillate.js is not working HOT 3
- No animations at all from textillate HOT 1
- Its not issue its question) HOT 5
- loop change
- Each word is cut off at the beginning and end on safari HOT 4
- RTL (Right To Left) languages problem HOT 1
- No out animation HOT 1
- Bug: iterating through a list selector, delay on the beginning of the animation
- maxDisplayTime
- custom css problems? HOT 1
- hide generated span before restart ( stop /start )
- Callback: how to use?
- jQuery.Deferred exception: $(...).textillate is not a function HOT 2
- end.tlt - не работает
- Control animation by buttons
- Textillate @types for typescript
- InitialDelay Option not working
- text changing on centered sentence
- . -3,2,100415336339668675477//9*++-+
- It can not work with animate.css v4.1.1 HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from textillate.