mermaid/cypress/platform/xss.html

<html>
  <head>
    <script src="./viewer.js" type="module"></script>
    <link href="https://fonts.googleapis.com/css?family=Montserrat&display=swap" rel="stylesheet" />
    <style>
      .malware {
        position: fixed;
        bottom: 0;
        left: 0;
        right: 0;
        height: 150px;
        background: red;
        color: black;
        display: flex;
        display: flex;
        justify-content: center;
        align-items: center;
        font-family: monospace;
        font-size: 72px;
      }
    </style>
    <script>
      function xssAttack() {
        const div = document.createElement('div');
        div.id = 'the-malware';
        div.className = 'malware';
        div.innerHTML = 'XSS Succeeded';
        document.getElementsByTagName('body')[0].appendChild(div);
        // const el = document.querySelector('.mermaid');
        // el.parentNode.removeChild(el);
        throw new Error('XSS Succeeded');
      }
    </script>
  </head>
  <body>
    <script type="module">
      import mermaid from './mermaid.esm.mjs';
      mermaid.initialize({
        startOnLoad: false,
        useMaxWidth: true,
      });
    </script>
  </body>
</html>
#927 Adding support for cypress and Percy 2019-09-11 18:53:05 +02:00			`<html>`
			`<head>`
fix: tests 2022-09-23 10:40:56 +05:30			`<script src="./viewer.js" type="module"></script>`
Prettier pass 2022-09-05 01:00:47 +05:30			`<link href="https://fonts.googleapis.com/css?family=Montserrat&display=swap" rel="stylesheet" />`
#927 Adding support for cypress and Percy 2019-09-11 18:53:05 +02:00			`<style>`
			`.malware {`
			`position: fixed;`
Prettier pass 2022-09-05 01:00:47 +05:30			`bottom: 0;`
			`left: 0;`
			`right: 0;`
#927 Adding support for cypress and Percy 2019-09-11 18:53:05 +02:00			`height: 150px;`
			`background: red;`
			`color: black;`
			`display: flex;`
			`display: flex;`
			`justify-content: center;`
			`align-items: center;`
			`font-family: monospace;`
			`font-size: 72px;`
			`}`
			`</style>`
			`<script>`
chore: apply linting to html ext too and fixes for files 2021-12-04 15:28:40 -08:00			`function xssAttack() {`
			`const div = document.createElement('div');`
			`div.id = 'the-malware';`
			`div.className = 'malware';`
			`div.innerHTML = 'XSS Succeeded';`
#903 Allowing >,< and = characters in svg. Updating xss tests to handle both htmlLabels and non htmlLabels 2019-12-07 12:19:45 +01:00			`document.getElementsByTagName('body')[0].appendChild(div);`
			`// const el = document.querySelector('.mermaid');`
			`// el.parentNode.removeChild(el);`
fix: typo in cypress 2022-06-27 12:29:50 +09:00			`throw new Error('XSS Succeeded');`
#927 Adding support for cypress and Percy 2019-09-11 18:53:05 +02:00			`}`
			`</script>`
			`</head>`
			`<body>`
Fix E2E Tests 2023-02-19 14:03:11 +05:30			`<script type="module">`
			`import mermaid from './mermaid.esm.mjs';`
#927 Adding support for cypress and Percy 2019-09-11 18:53:05 +02:00			`mermaid.initialize({`
			`startOnLoad: false,`
			`useMaxWidth: true,`
			`});`
			`</script>`
			`</body>`
			`</html>`