Also handle inline HTML comments

Bjørn Erik Pedersen
2025-01-21 18:52:58 +01:00
parent f1de5d2a04
commit 637995ba8f
2 changed files with 33 additions and 10 deletions

@@ -885,10 +885,27 @@ title: "p1"
<img border="0" src="pic_trulli.jpg" alt="Trulli">
-->
XSS
## XSS
<!-- --><script>alert("I just escaped the HTML comment")</script><!-- -->
## More
This is a <!--hidden--> word.
This is a <!-- hidden--> word.
This is a <!-- hidden --> word.
This is a <!--
hidden --> word.
This is a <!--
hidden
--> word.
-- layouts/_default/single.html --
{{ .Content }}
`
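Review bot: The inline cases under `## More` each contain exactly one well-formed comment per paragraph, so the fixture never exercises the inputs most likely to confuse where a comment ends: two comments on the same line, an unterminated `<!--` inside a paragraph, and a comment-like string inside a code span. Consider adding one line for each. For the line under `## XSS`, the visible part of the hunk shows only the input; the matching assertions should check explicitly that the `<script>` element sitting between the two comments does not appear verbatim in the rendered output, rather than only checking that the comments themselves were dropped.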