-
Robert Knight authoredThe previous method of importing config params allowed the host page to override any configuration parameter provided by the service hosting the client's app.html file, potentially introducing vulnerabilities. This PR limits the client to importing only config parameters from a whitelist. This also has the benefit of clearly documenting all the parameters that can come from the host page in one place in the code.
0d95508e
| Name |
Last commit
|
Last update |
|---|---|---|
| .github | ||
| docs | ||
| images | ||
| scripts | ||
| src | ||
| .eslintignore | ||
| .eslintrc | ||
| .gitignore | ||
| .npmignore | ||
| .npmrc | ||
| .travis.yml | ||
| CHANGELOG.md | ||
| CODE_OF_CONDUCT | ||
| Jenkinsfile | ||
| LICENSE | ||
| Makefile | ||
| README.md | ||
| gulpfile.js | ||
| npm-shrinkwrap.json | ||
| package.json |