Project

General

Profile

Actions

Task #105364

closed

Update repository.ts DOM TEXT Interpreted as HTML

Added by TYPO3 GmbH TYPO3com about 1 month ago. Updated about 1 month ago.

Status:
Rejected
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2024-10-19
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
12
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

Description:
By using textContent, it will avoid the risk of HTML injection, as these properties automatically escape any HTML special characters in the provided text.
This helps make page more safer as compare to innerHTML and prevent cross-site scripting (XSS) vulnerabilities by treating the input as plain text rather than interpreted HTML.

This issue was automatically created from https://github.com/TYPO3/typo3/pull/538

Actions

Also available in: Atom PDF