You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Fixescodepo8#2: video from on top of next image
Fixescodepo8#3: handle HTTP error on images
Fixescodepo8#4: avoid .innerHTML (fixes potential security issue)
.innerHTML
usage usually raises warnings from code security scanners.It might indeed be a security issue if you let anybody provide the slideshow URLs.
It's possible to replace by
.innerText
everywhere in slideshow.js, except line 6, where it's actually (static) HTML that is inserted.I can make a PR for that.
And this last usage of
.innerHTML
might be replaced by javascript code, too (but I did not do it)The text was updated successfully, but these errors were encountered: