Merge branch 'master' into bugfix/502/markdown-newline

2018-06-28 21:32:03 +02:00
parent 5c2925aeed db619e4cda
commit a7110082e7
28 changed files with 179 additions and 705 deletions
--- a/js/app/Config.js
+++ b/js/app/Config.js
@@ -33,6 +33,9 @@ app.config(function ($provide, $interpolateProvider, $httpProvider, $urlRouterPr


 	$compileProvider.debugInfoEnabled(true);
+	// This should fix adding "unsafe:" prefix to ui-select href links containing javascript
+	// inline JS is blocked by CSP anyway and filtered out by our markdown renderer as well
+	$compileProvider.aHrefSanitizationWhitelist(/^\s*(https?|javascript):/);

 	markdownItConverterProvider.config({
 		breaks: true,
--- a/js/package-lock.json
+++ b/js/package-lock.json
--- a/js/package.json
+++ b/js/package.json
@@ -25,10 +25,10 @@
    "babel-loader": "^7.1.2",
    "babel-preset-env": "^1.7.0",
    "css-loader": "^0.28.9",
-    "karma": "^2.0.3",
+    "karma": "^2.0.4",
    "mini-css-extract-plugin": "^0.4.0",
    "node-sass": "^4.5.3",
-    "webpack": "^4.12.0",
+    "webpack": "^4.12.1",
    "webpack-cli": "^3.0.8",
    "webpack-merge": "^4.1.3"
  },