mirror of
https://github.com/Microsoft/vscode
synced 2024-09-13 13:46:13 +00:00
474d4951d8
* Switch to dompurify for sanitizing markdown content Switches us from using `insane` to instead use `dompurify`, which seems to be better maintained and also has some nice features, such as built-in trusted types support I've tried to port over our existing sanitizer settings as best as possible, but there's not always a 1:1 mapping between how insane works and how dompurify does. I'd like to get this change in early in the iteration to catch potential regressions * Remove logging and renaming param * Move dompurify to browser layer * Fixing tests and how we check valid attributes * Allow innerhtml in specific files * Use isEqualNode instead of checking innerHTML directly innerHTML can return different results on different browsers. Use `isEqualNode` instead * Reapply fix for trusted types * Enable ALLOW_UNKNOWN_PROTOCOLS I beleive this is required since we allow links to commands and loading images over remote * in -> of * Fix check of protocol * Enable two more safe tags
24 lines
758 B
Plaintext
24 lines
758 B
Plaintext
**/vs/nls.build.js
|
|
**/vs/nls.js
|
|
**/vs/css.build.js
|
|
**/vs/css.js
|
|
**/vs/loader.js
|
|
**/dompurify/**
|
|
**/marked/**
|
|
**/semver/**
|
|
**/test/**/*.js
|
|
**/node_modules/**
|
|
**/vscode-api-tests/testWorkspace/**
|
|
**/vscode-api-tests/testWorkspace2/**
|
|
**/extensions/**/out/**
|
|
**/extensions/**/build/**
|
|
**/extensions/markdown-language-features/media/**
|
|
**/extensions/markdown-language-features/notebook-out/**
|
|
**/extensions/typescript-basics/test/colorize-fixtures/**
|
|
**/extensions/**/dist/**
|
|
**/extensions/typescript-language-features/test-workspace/**
|
|
|
|
# These files are not linted by `yarn eslint`, so we exclude them from being linted in the editor.
|
|
# This ensures that if we add new rules and they pass CI, there are also no errors in the editor.
|
|
/resources/web/code-web.js
|