Jo-Philipp Wich 993151504e luci-base: form.js: do not execute embedded script code in stripTags() ... Instead of relying on .innerHTML which executes embedded script code to parse a given HTML fragment, use dom.parse() which utilizies DOMParser() internally in order to extract textContent in a safe manner. Fixes: FS#4199 Ref: https://bugs.openwrt.org/index.php?do=details&task_id=4199 Signed-off-by: Jo-Philipp Wich <jo@mein.io>		2021-12-23 17:08:21 +01:00
..
cbi	luci-base: move old cbi icons to luci-compat	2020-05-07 19:40:29 +02:00
icons	luci-base: optimize some PNG files	2020-05-07 20:05:52 +02:00
protocol	treewide: drop MAC and MTU from interfaces (protocols)	2021-05-28 15:34:41 +02:00
tools	luci-base: widget.js: use firewall.getZoneColorStyle() in zone widgets	2021-11-11 13:00:50 +01:00
cbi.js	luci-base: cbi.js: properly handle non-strings in %h and %q formats	2021-12-09 16:25:50 +01:00
firewall.js	luci-base: firewall.js: add getZoneColorStyle() helper	2021-11-11 13:00:50 +01:00
form.js	luci-base: form.js: do not execute embedded script code in stripTags()	2021-12-23 17:08:21 +01:00
fs.js	luci-base: harmonize JS class naming and requesting	2020-04-02 21:51:20 +02:00
luci.js	luci-base: luci.js: fix undefined variable access in Request.request()	2021-11-16 13:06:03 +01:00
network.js	luci-base: network.js: ignore wireless ifname patterns on retrieving devices	2021-11-10 11:57:43 +01:00
promis.min.js	luci-base: add ES6 Promise polyfill for IE < Edge	2019-07-07 15:25:49 +02:00
rpc.js	luci-base: don't append object.method to the RPC url	2020-09-23 16:54:18 +02:00
uci.js	luci-base: uci.js: merge changes when retrieving entire sections	2021-03-29 22:35:50 +02:00
ui.js	luci-base: ui.js: avoid error tooltips overlapping dropdowns	2021-12-09 15:29:36 +01:00
validation.js	Merge pull request #5442 from lvoegl/validation-error-popup-message	2021-11-18 11:39:45 +01:00
xhr.js	luci-base: luci.js: add HTTP request functions	2019-07-07 15:25:49 +02:00