Skip to content

Commit

Permalink
TinyMCE security fix (#4157)
Browse files Browse the repository at this point in the history
* Rector: CQ - UnusedForeachValueToArrayKeysRector (#1)

* Rector: CQ - UnusedForeachValueToArrayKeysRector

See Rector\CodeQuality\Rector\Foreach_\UnusedForeachValueToArrayKeysRector

* fixes + phpstan

See fix at rector: rectorphp/rector-src#6164

* Security fix for TinyMCE

- see GHSA-5359-pvf2-pw78

* Revert "Rector: CQ - UnusedForeachValueToArrayKeysRector (#1)"

This reverts commit 3d7eaf6.
  • Loading branch information
sreichel authored Aug 30, 2024
1 parent 9e0ca87 commit 611bbe7
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions js/mage/adminhtml/wysiwyg/tinymce/setup.js
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,7 @@ tinyMceWysiwygSetup.prototype =
automatic_uploads: false,
branding: false,
promotion: false,
convert_unsafe_embeds: true, // default in TinyMCE v7.0
convert_urls: false,
relative_urls: true,
skin: this.config.skin,
Expand Down

0 comments on commit 611bbe7

Please sign in to comment.