urltomarkdown/node_modules/@mozilla/readability/SECURITY.md

# Security Policy
This code is included in Mozilla's client [bug bounty program](https://www.mozilla.org/en-US/security/client-bug-bounty/).

If you find a security vulnerability, please submit it via the process outlined in the [FAQ pages](https://www.mozilla.org/en-US/security/client-bug-bounty/).

Please submit all security-related bugs through Bugzilla using the [client security bug form](https://bugzilla.mozilla.org/form.client.bounty). Never submit security-related bugs through a GitHub Issue or by email.

Note: as stated in the README.md file in this repository, `readability` itself does not intend to do security-related input sanitization, and you should use appropriate measures to sanitize input/output for your use case. "XSS" or similar issues in JSDOMParser.js or Readability.js on their own are unlikely to be treated as security issues: it is expected that some interactive/scripting input may remain after `readability` processes input. If you can bypass appropriate sanitization measures like [DOMPurify](https://github.com/cure53/DOMPurify), you should report that using their procedures, not Mozilla's.