github/svgedit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
11baad04025664abee66c3cc6d5515dac568dd19
svgedit/editor
History
Brett Zamir 11baad0402 - Security fix/Breaking change (Imagelib): Require allowedImageLibOrigins 
config array be set with safe origins or otherwise reject `postMessage`
  messages in case from untrusted sources
- Security fix/Breaking change (xdomain): Namespace xdomain file to avoid
  it being used to modify non-xdomain storage
- Security fix (Imagelib): Expose `dropXMLInternalSubset` to extensions
  for preventing billion laughs attack (and use in Imagelib)
2018-09-24 20:59:47 +08:00
..
canvg
LGTM.com-inspired changes:
2018-09-21 10:56:07 +08:00
contextmenu
- npm: Update devDeps
2018-09-07 08:19:45 +08:00
extensions
- Security fix/Breaking change (Imagelib): Require allowedImageLibOrigins
2018-09-24 20:59:47 +08:00
external
- npm: Update devDeps
2018-09-07 08:19:45 +08:00
images
- Fix: Add images (and references) for fallback (#135)
2018-07-31 00:18:39 -07:00
jgraduate
- Fix (jPicker): Avoid setting Math.precision pseudo-global
2018-09-22 09:01:13 +08:00
jquery-ui
Update to jQuery and jQuery-UI latest
2012-02-23 02:48:21 +00:00
jquerybbq
(INCOMPLETE: ES6 Module conversion and linting)
2018-05-22 18:02:57 +08:00
js-hotkeys
(INCOMPLETE: ES6 Module conversion and linting)
2018-05-22 18:02:57 +08:00
jspdf
- Fix: Ensure poly shape has a points attribute
2018-09-22 11:59:34 +08:00
locale
- Fix (Context menus): Avoid showing double shortcuts (#285); add some
2018-09-14 07:18:26 +08:00
spinbtn
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
svgicons
- Enhancement: Create xdomain file build which works without ES6 Modules
2018-07-30 12:51:57 -07:00
browser-not-supported.html
- Refactoring (Browser unsupported): Restore newly appied HTML/CSS standards, add lbs; remove now unused file
2018-05-18 11:55:28 +08:00
browser.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
contextmenu.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
coords.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
draw.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
embedapi-dom.js
- Security fix (minor): For embedded API, avoid chance for arbitrary property
2018-09-22 10:06:25 +08:00
embedapi.html
(INCOMPLETE: ES6 Module conversion and linting)
2018-05-22 18:02:57 +08:00
embedapi.js
- Linting (LGTM): Mark remote property injection in embedapi as safe
2018-09-24 20:08:49 +08:00
history.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
historyrecording.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
jQuery.attr.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
jquery.min.js
(INCOMPLETE: ES6 Module conversion and linting)
2018-05-22 18:02:57 +08:00
layer.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
math.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
namespaces.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
path.js
LGTM.com-inspired changes:
2018-09-21 10:56:07 +08:00
recalculate.js
- Fix (jPicker): Avoid setting Math.precision pseudo-global
2018-09-22 09:01:13 +08:00
redirect-on-lacking-support.js
(INCOMPLETE: ES6 Module conversion and linting)
2018-05-22 18:02:57 +08:00
sanitize.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
select.js
LGTM.com-inspired changes:
2018-09-21 10:56:07 +08:00
svg-editor-es.html
- Fix (Context menus): Avoid showing double shortcuts (#285); add some
2018-09-14 07:18:26 +08:00
svg-editor.css
- Fix (Locale): Remove bad characters in Persian (fa) file
2018-05-20 15:04:11 +08:00
svg-editor.html
- Fix (Context menus): Avoid showing double shortcuts (#285); add some
2018-09-14 07:18:26 +08:00
svg-editor.js
- Security fix/Breaking change (Imagelib): Require allowedImageLibOrigins
2018-09-24 20:59:47 +08:00
svg-editor.manifest
- Linting (ESLint): Add xdomain file to ignore file
2018-07-31 15:15:25 -07:00
svgcanvas.js
- Security fix/Breaking change (Imagelib): Require allowedImageLibOrigins
2018-09-24 20:59:47 +08:00
svgpathseg.js
- npm: Update devDeps
2018-09-07 08:19:45 +08:00
svgtransformlist.js
LGTM.com-inspired changes:
2018-09-21 10:56:07 +08:00
touch.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
typedefs.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
units.js
- Security fix: 'extPath', 'imgPath', 'extIconsPath', 'canvgPath', 'langPath', 'jGraduatePath', and 'jspdfPath' were not being prevented
2018-07-08 22:39:46 -07:00
utilities.js
- Security fix/Breaking change (Imagelib): Require allowedImageLibOrigins
2018-09-24 20:59:47 +08:00
xdomain-svg-editor-es.html
- Fix (Context menus): Avoid showing double shortcuts (#285); add some
2018-09-14 07:18:26 +08:00
xdomain-svg-editor.html
- Fix (Context menus): Avoid showing double shortcuts (#285); add some
2018-09-14 07:18:26 +08:00
xdomain-svgedit-config-es.js
- Security fix/Breaking change (Imagelib): Require allowedImageLibOrigins
2018-09-24 20:59:47 +08:00
xdomain-svgedit-config-iife.js
- Fix (jPicker): Avoid setting Math.precision pseudo-global
2018-09-22 09:01:13 +08:00