| Age | Commit message (Collapse) | Author |
|---|
|
* HTML Cleanup: Meta tags.
* Converted charset to shorthand.
* Removed meta tags with `Content-Script-Type` attribute. (Invalid in HTML5 spec.)
* HTML Cleanup: CSS tags.
* Removed `type` attribute with CSS files from link tags. (HTML5 spec recommends omitting it.)
* Removed `type` attribute from style tags. (Deprecated in HTML5 spec.)
https://html.spec.whatwg.org/#attr-link-type
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/style
* HTML Cleanup: Convert from XHTML to HTML5
* Removed XML declaration.
* Removed XML namespace.
* Changed doctype to HTML5.
* HTML Cleanup: CDATA tags.
* CDATA sections should not be used within HTML they are considered as comments and not displayed.
https://developer.mozilla.org/en-US/docs/Web/API/CDATASection
* HTML Cleanup: Script tags.
* Removed `language` attribute from script tags. (No longer valid in HTML5)
* Removed `type` attribute with JavaScript MIME type from script tags. (HTML5 spec recommends omitting it.)
https://html.spec.whatwg.org/multipage/scripting.html#attr-script-type
https://mimesniff.spec.whatwg.org/#javascript-mime-type
Signed-off-by: Mustafa Can Elmacı <mustafacan@elmaci.net>
|
|
Make sure to escape the user controlled URL passed as part of the error
message into the error404 template in order to avoid XSS.
Reported-by: 40826d <40826d@posteo.de>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Fixes: #6111
Fixes: 08ae8d40a9 ("luci-base, luci-lua-runtime: fix "dispatched" and "requested" properties")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Move classes required for Lua runtime support into a new `luci-lua-runtime`
package. Also replace the `luci.http` and `luci.util` classes in
`luci-lib-base` with stubbed versions interacting with the ucode based
runtime environment.
Finally merge `luci-base-ucode` into the remainders of `luci-base`.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
