Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/azu/vue-decorate-html-without-v-html
Vue: Avoid to XSS on decorating for user input.
https://github.com/azu/vue-decorate-html-without-v-html
demo vue xss
Last synced: 21 days ago
JSON representation
Vue: Avoid to XSS on decorating for user input.
- Host: GitHub
- URL: https://github.com/azu/vue-decorate-html-without-v-html
- Owner: azu
- Created: 2019-05-23T07:07:35.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2019-11-02T00:08:06.000Z (about 5 years ago)
- Last Synced: 2024-10-05T12:42:05.330Z (3 months ago)
- Topics: demo, vue, xss
- Language: Vue
- Homepage: https://vue-decorate-html-without-v-html.netlify.com/
- Size: 696 KB
- Stars: 2
- Watchers: 3
- Forks: 0
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# vue-decorate-html-without-v-html
Demo: Avoid to XSS on decorating for user input.
Visit:
- [src/components/UnSafeParagraph.vue](src/components/UnSafeParagraph.vue) has a vulnerability.
- [src/components/SafeParagraph.vue](src/components/SafeParagraph.vue) is safe implementation, but a bit complex.
## XSS vector
Input: `alert(1)`
## Project setup
```
yarn install
```
### Compiles and hot-reloads for development
```
yarn run serve
```
### Compiles and minifies for production
```
yarn run build
```
### Run your tests
```
yarn run test
```
### Lints and fixes files
```
yarn run lint
```
### Customize configuration
See [Configuration Reference](https://cli.vuejs.org/config/).