Update src/config.ts
Agree! Co-authored-by: Sidharth Vinod <sidharthv96@gmail.com>
This commit is contained in:
parent
9a0d5e31b7
commit
0e0802a588
|
@ -151,7 +151,7 @@ export const getConfig = (): MermaidConfig => {
|
|||
*/
|
||||
export const sanitize = (options: any) => {
|
||||
// Checking that options are not in the list of excluded options
|
||||
siteConfig.secure?.forEach((key) => {
|
||||
['secure', ...(siteConfig.secure ?? [])].forEach((key) => {
|
||||
if (typeof options[key] !== 'undefined') {
|
||||
// DO NOT attempt to print options[key] within `${}` as a malicious script
|
||||
// can exploit the logger's attempt to stringify the value and execute arbitrary code
|
||||
|
|
Loading…
Reference in New Issue