Comments (2)
Some light reading on the subject:
https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html - one to keep around
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
https://github.com/cure53/DOMPurify
https://developer.mozilla.org/en-US/docs/Web/API/Document/createElement
https://developer.mozilla.org/en-US/docs/Web/API/HTMLImageElement/Image
https://developer.mozilla.org/en-US/docs/Web/API/HTMLFormElement
https://developer.mozilla.org/en-US/docs/Web/API/HTMLAnchorElement
https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/Using_XMLHttpRequest
https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API
https://www.google.com/search?q=prevent+requests+outside+of+your+website&rlz=1C1GCEA_enUS1002US1002&oq=prevent+requests+outside+of+your+website&aqs=chrome..69i57j33i160l3.10095j0j7&sourceid=chrome&ie=UTF-8
https://stackoverflow.com/questions/61803412/prevent-a-web-application-from-making-http-requests-outside-a-domain-whitelist
https://stackoverflow.com/questions/60406933/prevent-request-to-another-domain
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/connect-src
https://security.stackexchange.com/questions/64055/how-to-ensure-that-only-my-single-page-app-can-make-requests-to-an-api
https://medium.com/snips-ai/how-to-block-third-party-scripts-with-a-few-lines-of-javascript-f0b08b9c4c0
from paranext-core.
Created some issues as follow-ups from this one:
#85
#86
#87
#88
#89
#90
#91
from paranext-core.