Enhance security by adding DOMPurify comments in Vue components and updating path handling comments in server utilities to mitigate path traversal risks.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 46s
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 46s
This commit is contained in:
Torsten Schulz (local)
@@ -64,6 +64,7 @@ export default defineEventHandler(async (event) => {
|
||||
} catch (error) {
|
||||
// nosemgrep: javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring
|
||||
// file is from readdir, not user input; error.message is safe
|
||||
// nosemgrep: javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring
|
||||
console.error(`Fehler beim Laden von ${file}:`, error.message)
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user