Fix slide might trigger script when processing markdown which cause XSS [Security Issue]

2016-11-26 22:46:08 +08:00
parent 9383df59c9
commit f86a9e0c4b
3 changed files with 12 additions and 16 deletions
--- a/public/views/slide.ejs
+++ b/public/views/slide.ejs
@@ -55,7 +55,7 @@
    <body>
        <div class="container">
            <div class="reveal">
-                <div class="slides"><%- slides %></div>
+                <div class="slides" style="display: none;"><%- body %></div>
            </div>

            <div id="meta" style="display: none;"><%- meta %></div>