Skip to content

C
coopwire-hypothesis
Switch branch/tag
History Find file
  • Robert Knight's avatar
    Only import known config params from the host page · 0d95508e
    Robert Knight authored 
    The previous method of importing config params allowed the host page to
override any configuration parameter provided by the service hosting the
client's app.html file, potentially introducing vulnerabilities.

This PR limits the client to importing only config parameters from a
whitelist. This also has the benefit of clearly documenting all the
parameters that can come from the host page in one place in the code.
    0d95508e
Name
Last commit
 Last update
..
directive Loading commit data...
filter Loading commit data...
reducers Loading commit data...
templates Loading commit data...
test Loading commit data...
util Loading commit data...
vendor Loading commit data...
annotation-mapper.js Loading commit data...
annotation-metadata.js Loading commit data...
annotation-ui.js Loading commit data...
annotation-viewer-controller.js Loading commit data...
app-controller.js Loading commit data...
app.js Loading commit data...
auth.js Loading commit data...
build-thread.js Loading commit data...
date-util.js Loading commit data...
drafts.js Loading commit data...
events.js Loading commit data...
features.js Loading commit data...
flash.coffee Loading commit data...
form-respond.coffee Loading commit data...
frame-sync.js Loading commit data...
ga.js Loading commit data...
groups.js Loading commit data...
host-config.js Loading commit data...
host.coffee Loading commit data...
live-reload-client.js Loading commit data...
local-storage.coffee Loading commit data...
markdown-commands.js Loading commit data...
media-embedder.js Loading commit data...
permissions.coffee Loading commit data...
query-parser.coffee Loading commit data...
raven.js Loading commit data...
render-markdown.js Loading commit data...
retry-util.js Loading commit data...
root-thread.js Loading commit data...
search-client.js Loading commit data...
search-filter.coffee Loading commit data...
service-url.js Loading commit data...
session.js Loading commit data...
store.js Loading commit data...
stream-controller.coffee Loading commit data...
stream-filter.coffee Loading commit data...
streamer.js Loading commit data...
tabs.js Loading commit data...
tags.coffee Loading commit data...
time.js Loading commit data...
ui-constants.js Loading commit data...
unicode.coffee Loading commit data...
view-filter.coffee Loading commit data...
virtual-thread-list.js Loading commit data...
websocket.js Loading commit data...
widget-controller.js Loading commit data...