colin
/
bookstack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,792 Commits 1 Branch 0 Tags 48 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
Dan Brown ef459ca4c4
Altered the parsing of custom head to prevent htmlentities on content 
Was causing things like emjoi within script content to be somewhat
mangled. Instead we force UTF8 only parsing via XML declaration.

Added test to cover.

For #2923
 2021-09-12 16:19:17 +01:00
Dan Brown fb80bb5d58
Applied latest styleci changes 2021-09-06 22:19:06 +01:00
Dan Brown 492af79c27
Added a couple of additional CSP rules 
As per guidance from google's CSP evaluator.
 2021-09-04 14:34:43 +01:00
Dan Brown 253f386f00
Finished off script CSP rules 
- Added caching for custom html head parsing to add nonce.
- Also moved api docs page into web routes to prevent issues.
 2021-09-04 13:57:04 +01:00