Font search #1

streude · 2025-10-10T12:55:26Z

Added search panel/results and token example.

service-coreservices · 2025-10-10T12:57:43Z

Checkmarx One – Scan Summary & Details – 2667a5bc-24cc-44bc-954d-342b6cfab7f8

New Issues (3)

Checkmarx found the following issues in this Pull Request

Issue	Source File / Package	Checkmarx Insight
Client_DOM_XSS	/index.html: 121	details The method makeAPIRequest embeds untrusted data in generated output with innerHTML, at line 187 of /index.html. This untrusted data is embedded i... `ID: Tnm0GcdhNRdAQEAMw3wMrMo%2FJ%2FY%3D` Attack Vector
Client_DOM_XSS	/index.html: 121	details The method makeAPIRequest embeds untrusted data in generated output with innerHTML, at line 159 of /index.html. This untrusted data is embedded i... `ID: f4nashfOEsQ4RKAIRPdvtqA28n8%3D` Attack Vector
Client_DOM_Open_Redirect	/token.html: 702	details The potentially tainted value provided by value in /token.html at line 702 is used as a destination URL by href in /token.html at line 732, poten... `ID: %2FpXQz8u%2FSL4djEeVbSe4vurl%2Bso%3D` Attack Vector

Use @Checkmarx to reach out to us for assistance.

Just send a PR comment with @Checkmarx followed by a natural language request.

Examples: @Checkmarx how are you able to help me? @Checkmarx rescan this PR

streude added 8 commits August 28, 2025 14:25

added search form

baf366f

Added loading message for search form

711da8d

added pagination

e5bd194

Fixed search list results issue

f0a013e

Fixed search payload

138524f

changed selects to be multi-selects

76a9557

Added ability to supply token (org ID)

437829a

added library page which requires token (org ID)

4d01aa5

streude added 14 commits October 10, 2025 09:06

added sanitizing of request method

3838f64

added token validation

eb28f73

simplified syntax

26c5850

Fixed syntax error

e97c7d5

added readline for FontGPT data

1277302

updated proxy to only return font data

73da0a0

Added ability for client to handle text streaming

ac974ac

updated proxy to pass through text streaming responses

22ec9cd

updated search to allow for contextual search

e4def27

added progress bar

449fc35

fixed HTML entities

105ce63

fixed pagination for LLM search

b6b7888

Fixed issue with text/event-stream timeouts

0312e4d

Trying to fix line returns

7aadf81

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Font search #1

Font search #1

Uh oh!

streude commented Oct 10, 2025

Uh oh!

service-coreservices commented Oct 10, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Font search #1

Are you sure you want to change the base?

Font search #1

Uh oh!

Conversation

streude commented Oct 10, 2025

Uh oh!

service-coreservices commented Oct 10, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

service-coreservices commented Oct 10, 2025 •

edited

Loading