Replies: 1 comment 1 reply
-
As far as I've confirmed. Test Steps
Generated summary HTML tags
|
Beta Was this translation helpful? Give feedback.
1 reply
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello, I just got a question about XSS when generating docs.
Unfortunately I don't have good understanding of the documents generation process therefore I wish to know
if XSS is possible in my scenation. Scenario is very simple.
Lets say following:
I create default DocFX template and put this into bin folder and just generate docs.
So my question: In this scenarion is this possible that some malicious JS code will be injected into generated docs?
For example some JS code inside .xml file or JS inside some attributes in .dll assembly or something like this?
Is this possible that anything in .xml or .dll DocFX will treat like JS code and inject it into HTML
or it always treat it as a text to display during generation of HTML pages?
Thank you in advance for your help
Best Regards
Marek
Beta Was this translation helpful? Give feedback.
All reactions