a751649c8d
Both Firefox and Safari are vulnerable to XSS if we use an inert document created via `document.implementation.createHTMLDocument()`. Now we check for those vulnerabilities and then use a DOMParser or XHR strategy if needed. Further the platform-server has its own library for parsing HTML, so we sniff for that (by checking whether DOMParser exists) and fall back to the standard strategy. Thanks to @cure53 for the heads up on this issue. PR Close #17019
42 lines
676 B
JSON
42 lines
676 B
JSON
{
|
|
"cli-hello-world": {
|
|
"master": {
|
|
"uncompressed": {
|
|
"inline": 1447,
|
|
"main": 154185,
|
|
"polyfills": 59179
|
|
}
|
|
}
|
|
},
|
|
"hello_world__closure": {
|
|
"master": {
|
|
"uncompressed": {
|
|
"bundle": 101744
|
|
}
|
|
}
|
|
},
|
|
"hello_world__render3__closure": {
|
|
"master": {
|
|
"uncompressed": {
|
|
"bundle": 8153
|
|
}
|
|
}
|
|
},
|
|
"hello_world__render3__rollup": {
|
|
"master": {
|
|
"uncompressed": {
|
|
"bundle": 10034
|
|
}
|
|
}
|
|
},
|
|
"hello_world__render3__cli": {
|
|
"master": {
|
|
"uncompressed": {
|
|
"inline": 1447,
|
|
"main": 40513,
|
|
"polyfills": 61085
|
|
}
|
|
}
|
|
}
|
|
}
|