[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[nongnu] elpa/web-mode 0fbf102616 08/15: Fix ‘{{~’ completion for Handl
|
From: |
ELPA Syncer |
|
Subject: |
[nongnu] elpa/web-mode 0fbf102616 08/15: Fix ‘{{~’ completion for Handlebars |
|
Date: |
Fri, 19 Aug 2022 05:59:27 -0400 (EDT) |
branch: elpa/web-mode
commit 0fbf1026169eb21544a9a784da99025295ede058
Author: Anders Kaseorg <andersk@mit.edu>
Commit: Anders Kaseorg <andersk@mit.edu>
Fix ‘{{~’ completion for Handlebars
We should not autocomplete ‘{{~’ to ‘{{~{ | }}}’, as that unexpectedly
disables HTML escaping in Handlebars, leading to cross-site scripting
vulnerabilities.
Instead, autocomplete ‘{{~ ’ to ‘{{~ | }}’ and ‘{{~{’ to ‘{{~{ | }}}’.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
---
web-mode.el | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/web-mode.el b/web-mode.el
index 03be12e3b5..fb41cc78f4 100644
--- a/web-mode.el
+++ b/web-mode.el
@@ -1172,9 +1172,10 @@ Must be used in conjunction with
web-mode-enable-block-face."
("<%=" . " | %>")
("<%#" . " | %>")))
("ctemplate" . (("{{ " . "| }}")
+ ("{{~ " . "| }}")
("{{{" . " | }}}")
("{~{" . " | }}")
- ("{{~" . "{ | }}}")
+ ("{{~{" . " | }}}")
("{{!" . "-- | --}}")
("{{^" . "}}")
("{{/" . "}}")
- [nongnu] elpa/web-mode updated (d8258fb33c -> b409f4bf33), ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode 3ccbe1279b 01/15: Add class and tag faces, ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode 0e65a090d3 03/15: Enable string/literal interpolation for typescript, ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode 34b08791ca 05/15: [ Elixir ] Match atoms, variables and function names before keywords, ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode edf42372ba 06/15: fixed: web-mode-comment-indent-new-line, ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode 5c8723ce3e 11/15: Merge pull request #1202 from wkirschbaum/elixir-font-lock-tweak, ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode 0fbf102616 08/15: Fix ‘{{~’ completion for Handlebars,
ELPA Syncer <=
- [nongnu] elpa/web-mode b409f4bf33 15/15: Merge pull request #1122 from minikN/master, ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode 2956ff94f7 02/15: Allow extra expanders to override standard ones, ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode 1f037843ca 04/15: update: add mc/mark-previous-like-this `web-mode-commands-like-expand-region`, ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode 4833df593e 09/15: Merge pull request #1248 from andersk/handlebars-completion, ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode a0eb70a46f 14/15: Merge pull request #1153 from liZe/patch-1, ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode a6b2d7b13e 13/15: Merge pull request #1167 from ojab/master, ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode 313fa1c415 12/15: Merge pull request #1180 from Aaronzinhoo/update-default-like-expand-region-commands, ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode f8824054d6 10/15: Merge pull request #1244 from ncaq/fix-space-padding-of-web-mode-comment-indent-new-line, ELPA Syncer, 2022/08/19
- [nongnu] elpa/web-mode b0606702fe 07/15: fixed: support multi line comment, ELPA Syncer, 2022/08/19