library-mirrors/jquery-ui
1
0
Fork 0
mirror of https://github.com/jquery/jquery-ui.git synced 2024-11-21 11:04:24 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
62f2ccc567
jquery-ui/tests/unit/checkboxradio
History
Michał Gołębiowski-Owczarek 8cc5bae1ca
Checkboxradio: Don't re-evaluate text labels as HTML 
If you generate a Checkboxradio from a checkbox/radio with a label that
contains encoded HTML, e.g. `<em>test</em>` this will work fine
at first. If, however a refresh is triggered on that instance (explicitly or
e.g. by turning it into a `Controlgroup`), the previously escaped HTML will
now be evaluated.

If the label was created based on some user input, this could lead to
unexpected code execution even though the initial output was escaped.

Fixes gh-2101
Closes gh-2102
2022-07-14 20:52:02 +02:00
..
all.html Checkboxradio: Add compound test suite for all jQuery versions 2015-10-28 09:15:11 -04:00
checkboxradio.html Checkboxradio: Don't re-evaluate text labels as HTML 2022-07-14 20:52:02 +02:00
common.js Checkboxradio: Test cleanup 2015-10-27 16:05:52 -04:00
core.js Checkboxradio: Don't re-evaluate text labels as HTML 2022-07-14 20:52:02 +02:00
events.js Build: Migrate from JSHint & JSCS to ESLint 2021-06-07 00:58:12 +02:00
methods.js Checkboxradio: Don't re-evaluate text labels as HTML 2022-07-14 20:52:02 +02:00
options.js Build: Migrate from JSHint & JSCS to ESLint 2021-06-07 00:58:12 +02:00