maxmustermann/vscode
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
vscode/build
History
Matt Bierner 474d4951d8
Switch to dompurify for sanitizing markdown content (#131950) 
* Switch to dompurify for sanitizing markdown content

Switches us from using `insane` to instead use `dompurify`, which seems to be better maintained and also has some nice features, such as built-in trusted types support

I've tried to port over our existing sanitizer settings as best as possible, but there's not always a 1:1 mapping between how insane works and how dompurify does. I'd like to get this change in early in the iteration to catch potential regressions

* Remove logging and renaming param

* Move dompurify to browser layer

* Fixing tests and how we check valid attributes

* Allow innerhtml in specific files

* Use isEqualNode instead of checking innerHTML directly

innerHTML can return different results on different browsers. Use `isEqualNode` instead

* Reapply fix for trusted types

* Enable ALLOW_UNKNOWN_PROTOCOLS

I beleive this is required since we allow links to commands and loading images over remote

* in -> of

* Fix check of protocol

* Enable two more safe tags
2021-09-03 12:17:02 -07:00
..
azure-pipelines Update to latest playwright 2021-09-01 18:18:03 +02:00
builtin webview - remove more traces (#128128) 2021-07-07 18:28:53 +02:00
darwin chore: harder checks around universal build creation 2021-08-05 23:55:06 -07:00
lib Update build scripts 2021-08-31 10:21:19 -04:00
linux fix: CXXABI requirements for older distros (#129360) 2021-08-06 08:48:45 -07:00
monaco Move extra monaco.d.ts content to the recipe file 2021-08-20 10:21:29 +02:00
npm Move webNodePaths to run on compile since we rimraf out 2021-08-10 16:56:23 -04:00
win32 Remove rhtml as deprecated type 2021-08-17 18:00:32 -07:00
.cachesalt ci: update node modules cache 2021-08-20 10:19:59 -07:00
.gitattributes force .exe, .dll as binary to fix CRLF/LF problems (#107862) 2020-10-01 10:17:49 +02:00
.moduleignore :chore: sqlite3 module (#130654) 2021-08-12 09:37:55 +02:00
.webignore include model in web package 2021-07-19 14:26:16 -07:00
eslint.js isolate eslint from hygiene 2021-01-07 09:15:05 +01:00
filters.js Switch to dompurify for sanitizing markdown content (#131950) 2021-09-03 12:17:02 -07:00
gulpfile.compile.js Use the new loader format for web selfhost (#130592) 2021-08-11 11:59:14 -04:00
gulpfile.editor.js Move extra monaco.d.ts content to the recipe file 2021-08-20 10:21:29 +02:00
gulpfile.extensions.js Rename serializer extension and set up build scripts 2021-07-21 15:03:24 -07:00
gulpfile.hygiene.js isolate eslint from hygiene 2021-01-07 09:15:05 +01:00
gulpfile.js Use the new loader format for web selfhost (#130592) 2021-08-11 11:59:14 -04:00
gulpfile.reh.js Use x64 node for darwin-arm64. Fixes #115009 2021-01-27 16:49:16 +01:00
gulpfile.scan.js add compliance pipeline (#130289) 2021-08-09 07:37:21 -07:00
gulpfile.vscode.js Improve performance of language detection (#130006) 2021-08-06 11:56:14 -07:00
gulpfile.vscode.linux.js Migrate to new deb repo (#114527) 2021-01-18 14:43:24 +01:00
gulpfile.vscode.web.js
gulpfile.vscode.win32.js use esrpcli.dll 2021-07-09 15:34:36 +02:00
hygiene.js Fix precommit hook on Windows 2021-01-25 17:46:09 +01:00
jsconfig.json
package.json Pick up new TS version 2021-09-02 10:09:25 -07:00
tsconfig.build.json
tsconfig.json Build VS Code using TS 4.4 (#127823) 2021-07-08 14:27:39 -07:00
yarn.lock Pick up new TS version 2021-09-02 10:09:25 -07:00