expression list, skipping empty patch #28
GitHub Actions / Veracode Fix suggestions
succeeded
Sep 19, 2024 in 1s
Veracode Fix suggestions
Will create Veracode Fix suggestions as PR annotation
Annotations
Check warning on line 163 in app/templates/app/feed.html
github-actions / Veracode Fix suggestions
Securityy findings
len : 10
}, function(data) {
if (data) {
- $("#feed ul").append(data);
+$("#feed ul").append(DOMPurify.sanitize(data));
} else {
$(obj).remove();
}
Check warning on line 227 in app/templates/app/profile.html
github-actions / Veracode Fix suggestions
Securityy findings
$('input[name="' + key + '"]').val(val);
if (key === "username") {
- $('#profileImage').attr('src', image_path + val + '.png');
+$('#profileImage').attr('src', DOMPurify.sanitize(image_path + val + '.png'));
}
});
}
if ('message' in data) {
- $('body').append(data.message);
+$('body').append(DOMPurify.sanitize(data.message));
}
}
},
Loading