Changes between Initial Version and Version 1 of Ticket #11461, comment 17
Timestamp: Jan 20, 2015, 11:18:38 AM (10 years ago)
Ticket #11461, comment 17
initial  v1
9        9    * https://github.com/cksource/ckeditor-dev/commit/bffdb775ae7ea660b1129a2bf74fca39ab2d8663
10       10   * https://github.com/cksource/ckeditor-dev/commit/c42c25d9a5b0ff0845320afa5571ab81e33d6bed - this needs clarification and test. How is it possible that getSelectedElement returns something else than an element?
11            * http://security.stackexchange.com/questions/50970/is-it-safe-to-use-createhtmldocument-to-sanitize-html and http://blog.kotowicz.net/2011/10/sad-state-of-dom-security-or-how-we-all.html and I lost confidence about that document creating.
         11   * http://security.stackexchange.com/questions/50970/is-it-safe-to-use-createhtmldocument-to-sanitize-html and http://blog.kotowicz.net/2011/10/sad-state-of-dom-security-or-how-we-all.html and I lost confidence about that document creating. However, https://github.com/cure53/DOMPurify/blob/master/purify.js#L185 is using this technique, so maybe it's not that bad still.
12       12   * https://github.com/cksource/ckeditor-dev/commit/64fb022eef3fb97cb4201dd75237a748429d519c
13       13   * https://github.com/cksource/ckeditor-dev/commit/375a1b3d420a0 - why?