Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Mutated XSS chapter to reference the current API. #219

Merged
merged 3 commits into from
May 29, 2024
Merged

Update Mutated XSS chapter to reference the current API. #219

merged 3 commits into from
May 29, 2024

Conversation

otherdaniel
Copy link
Collaborator

@otherdaniel otherdaniel commented Apr 16, 2024
edited by pr-preview bot
Loading

Remove refences to .sanitize and .sanitizeFor.
Update the text to reference the current API.

Fixes #213.

Preview | Diff

securityMB
securityMB reviewed Apr 16, 2024
View reviewed changes
index.bs Outdated

If a developer were to retrieve a sanitized node tree as a string, e.g. via
`.innerHTML`, and to then parse it again then mutated XSS may occur.
We recommend against this practice. If processing or passing of HTML as a
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe "discourage" instead of "recommend against"? For me, as a non-native speaker, the latter sounds a little off.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.

@lukewarlow
Copy link
Contributor

If you rebase this with main it should add a preview link to the PR

@otherdaniel
Copy link
Collaborator Author

If you rebase this with main it should add a preview link to the PR

... and there it is! :-) Thank you!

@mozfreddyb mozfreddyb merged commit c8e529d into WICG:main May 29, 2024
2 checks passed
github-actions bot added a commit that referenced this pull request May 29, 2024
@otherdaniel @github-actions
Update Mutated XSS chapter to reference the current API. (#219)
dbdc26c 
SHA: c8e529d
Reason: push, by mozfreddyb

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@securityMB securityMB securityMB left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

mXSS section outdated
4 participants
@otherdaniel @lukewarlow @securityMB @mozfreddyb