我在 GitHub 上收到此安全错误:
DOM 文本在不转义元字符的情况下被重新解释为 HTML。CodeQL
对于这部分代码:
var url = window.location.href;
var title = $('title').text();
$(document).ready(function() {
$("#shareit").html("<mobileshare3 class='mobileshare3'><a href='https://pinterest.com/pin/create/button/?url="+url+
"&media="+url+"&description="+title+"' rel='noreferrer' target='_blank' title='شارك على بانتيراست'>"+
"<i class='fab fa-pinterest'></i></a></mobileshare3><mobileshare5 class='mobileshare5'><a class='whatsapp' href='whatsapp://send?text="+
title+" "+url+"' rel='noreferrer' target='_top' title='شارك على واتساب'><i class='fab fa-whatsapp'></i></a></mobileshare5>"+
"<mobileshare4 class='mobileshare4'><a href='https://t.me/share/url?url="+url+"&text="+title+
"' rel='noreferrer' target='_blank' title='شارك على تيليغرام'><i class='fab fa-telegram-plane'></i></a></mobileshare4><mobileshare class='mobileshare'><a href='https://www.facebook.com/sharer.php?u="+
url+"&t="+title+"' rel='noreferrer' target='_blank' title='شارك على فايسيوك'><i class='fab fa-facebook'></i></a></mobileshare>");
});<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<div id="shareit">