Mark Michaelis
Mark Michaelis
**Describe the bug** We just tried migrating to jest-playwright 2.0.0, especially because of Jest 28 upgrade, as provided by #801. Unfortunately, build fails with: ``` .../[email protected]_qruclkpwe5tgscr3gxibacztji/node_modules/jest-playwright-preset/types/global.d.ts(233,5): error TS2709: Cannot use...
## 📝 Provide a description of the new feature We have a challenge similar to the GHS feature: Integrate to other plugins, if they are installed. GHS does so by...
### What version of gRPC are you using? 1.18.0 ### What did you expect to see? In order to be able to test with JUnit 5 I would like to...
The parser is unaware of system-dependent newlines such as CRLF (Windows) or CR (classic MacOS). My suggestion is, to document this behavior, rather than to change the whole processing. Anyone...
While possible a bad example, the following will produce corrupted data in AST: ```bbcode [url=javascript:alert('XSS ME');]TEXT[/url] [url=javascript:alert("XSS ME");]TEXT[/url] ``` This can already be seen in the HTML Render demo, that...
If "naively" creating custom tag mappings, you may run into this exception: ```text Uncaught RangeError: Maximum call stack size exceeded at Object.code (myHtml5Preset.ts:160:12) at myHtml5Preset.ts:72:72 at k8 (utils.js:7:33) ``` To...
If analyzed correctly, there is a subtle difference between `TagNode.content = null` and `TagNode.content = []`, that causes these code snippets to generate different representations of `TagNode`: https://github.com/JiLiZART/BBob/blob/3575982b280cc45c9cedaf7a059491a324c1b514/packages/bbob-preset-html5/src/defaultTags.js#L63-L67 https://github.com/JiLiZART/BBob/blob/3575982b280cc45c9cedaf7a059491a324c1b514/packages/bbob-plugin-helper/src/TagNode.js#L73 The...
https://github.com/JiLiZART/BBob/blob/3575982b280cc45c9cedaf7a059491a324c1b514/packages/bbob-plugin-helper/src/helpers.js#L77-L88 Without understanding the details, the description may benefit from some enhanced description (see below). Given my assumptions and tests are correct, I will refer to a possibly even dangerous...
https://github.com/JiLiZART/BBob/blob/3575982b280cc45c9cedaf7a059491a324c1b514/packages/bbob-plugin-helper/src/helpers.js#L28-L39 The name `escapeHTML` suggests, that the method may be used to sanitize text-content and get rid of probably malicious nested HTML in BBCode, like `[i]javascript:alert("XSS!"[/i]`. Unfortunately, the method has...
Despite `data:` and `javascript:` as well-known attack-vectors for XSS, the `file:` protocol may also cause malicious behavior. I think, it is rather safe (thus, backward-compatible) to also escape it here:...