Comments (1)
dpvc
commented on August 14, 2024
1
I don't believe the page you link is open to XSS attacks. While it is true that you yourself can enter such an image tag into the input area, the page does not initialize the input area with data from the URL parameters, so you can not create the kind of nefarious URL that you describe in the sympy issue that you site. (Also, that issue with the \unicode macro was resolve, as you seem to have found out, as your solution there was to update the version of MathJax, though I don't see why you suggested 2.7.4 rather than 2.7.9, the current highest version of v2.)
If you have something else in mind, could you be more specific?
from mathjax-demos-web.
Related Issues (20)
- Problems with color macros HOT 2
- mfenced has background color HOT 1
- Demo of tagFormat HOT 7
- Screen reader accessibility HOT 4
- Properly translating skipStartupTypeset into v3 config HOT 2
- Encapsulate part of equation into its own DOM element HOT 1
- "npm run make-custom-tex-extension" is not working HOT 5
- error when using the demo tex2svg page HOT 2
- Request: react and vue webpack bundling examples
- "npm run make-custom-tex-extension" is still not working. HOT 4
- Building a custom Tex extension crashes. HOT 8
- Code Conflict HOT 1
- tex_mml_2html request fail
- Change size of mathml with mathjax HOT 1
- update to 3.0.0-alpha.2 HOT 1
- [Converter] minScaleAdjust should be scaled down just like scale HOT 2
- use font-url for re-usability
- update to 3.0.0-alpha.3
- Example MathJax3 from NPM module HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from mathjax-demos-web.