jandieman
/
searxng
mirror of https://github.com/searxng/searxng.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
searxng/searx/static/themes/simple
History
Markus Heiser 2b26285a73 [fix] simple theme: make autocomplete-js CSP compliant 
The CSP issue is, that the `_Position` function in the autocomplete-js set the
style attributes by `setAttribute("style", ...)`.  Using `setAttribute` to set
the style attribute invokes the HTML parser and CSP is triggered [1].

This patch overwrite the `_Position` function of autocomplete-js.

BTW: remove trailing whitespace

[1] https://stackoverflow.com/a/57633533

Closes: https://github.com/searxng/searxng/issues/352
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
 		2021-12-05 11:48:23 +01:00
..
css [build] /static 2021-12-04 11:31:04 +01:00
img [build] /static 2021-11-30 12:43:18 +01:00
js [build] /static 2021-12-01 21:12:06 +01:00
src [fix] simple theme: make autocomplete-js CSP compliant 2021-12-05 11:48:23 +01:00
.eslintrc.json [fix] Optimize SVG for WEB usage / CSP 'style-src self' 2021-11-15 14:51:55 +01:00
.gitignore [themes] ignore packages-lock.json 2021-06-22 08:17:06 +02:00
.jshintrc [emacs] .dir-locals.el: add setup for js-mode 2021-06-24 13:27:21 +02:00
.stylelintrc.json [mod] add stylelint process to target themes.simple 2021-06-24 13:27:21 +02:00
gruntfile.js [fix] simple theme: make LESS sources available on non build hosts 2021-12-04 11:22:40 +01:00
package.json [mod] simple theme: smaller build 2021-11-30 23:04:37 +01:00
svg4favicon.svgo.js [enh] add SVG favicon href="favicon.svg" type="image/svg+xml" 2021-11-29 20:36:31 +01:00
svg4web.svgo.js [fix] Optimize SVG for WEB usage / CSP 'style-src self' 2021-11-15 14:51:55 +01:00