Aaron Shim
Aaron Shim
`.innerHTML` is considered a [HTML injection sink sink](https://w3c.github.io/webappsec-trusted-types/dist/spec/#html-injection-sinks) in Trusted Types. Replacing `.innerHTML` with the functionally equivalent `.textContent` for style elements should avoid Trusted Types violations.
Line 54 of [api_steps.rb](https://github.com/jayzes/cucumber-api-steps/blob/master/lib/cucumber/api_steps.rb) (`request path, request_opts`) throws the `undefined method`symbol' for nil:NilClass` in Rails 5 on API mode. I'm currently using an emergency patch of [api_steps.rb](https://github.com/aaronshim/cucumber-api-steps/blob/master/lib/cucumber/api_steps.rb) What could be...
Hello! We (@kj202 and I) noticed that the code in this library will cause [Trusted Types](https://w3c.github.io/webappsec-trusted-types/dist/spec/) violations by loading a version of the ReCAPTCHA script that is not Trusted Types...
Hello, After debugging a runtime error (shocking!) in my application, I found that guards may cause stack overflows when used in conjunction with a recursive call due to the non-lazy...
- Running `elm-upgrade` to get it to compile on 0.18
Auto-CSP is a feature to rewrite the `` tags in a index.html file to either hash their contents or rewrite them as a dynamic loader script that can be hashed....
**Describe the bug** The following (because of `pattern-inside:`) appears to suggest that this should only trigger if the `$X` in `$Y($X)` is still the same `$X` from `const [$X, $Y]...