Skip to content

0.7.1
Compare
Choose a tag to compare
@m-mujica m-mujica released this 14 Aug 17:56
· 80 commits to master since this release
v0.7.1
a15f701

Escape all script tags inside the docObject

Each generated HTML page has a script tag where the docObject is made available for other bit-docs plugins to use:

<script>
  var docObject = { /* most likely a big object */ };
</script>

If any of the string properties of the docObject has an unscaped closing script tag (</script) the HTML parser would close script tag outside the string prematurely causing parts of the docObject to be rendered on the screen.

See stealjs/stealjs#59

This patch release makes sure all closing script tags are escaped properly.

Diff: v0.7.0...v0.7.1

Assets 2
Loading