Merge pull request #27337 from edx/aakbar/xss-disable

refactor: disable xss for numerous files

lms/static/js/Markdown.Sanitizer.js

@@ -63,7 +63,7 @@
             tagname = tags[ctag].replace(/<\/?(\w+).*/, '$1');
             // skip any already paired tags
             // and skip tags in our ignore list; assume they're self-closed
-            if (tagpaired[ctag] || ignoredtags.search('<' + tagname + '>') > -1) { continue; }
+            if (tagpaired[ctag] || ignoredtags.search('<' + tagname + '>') > -1) { continue; } // eslint-disable-line max-len, xss-lint: disable=javascript-concat-html
 
             tag = tags[ctag];
             match = -1;
@@ -72,7 +72,7 @@
                 // this is an opening tag
                 // search forwards (next tags), look for closing tags
                 for (var ntag = ctag + 1; ntag < tagcount; ntag++) {
-                    if (!tagpaired[ntag] && tags[ntag] == '</' + tagname + '>') {
+                    if (!tagpaired[ntag] && tags[ntag] === '</' + tagname + '>') { // eslint-disable-line max-len, xss-lint: disable=javascript-concat-html
                         match = ntag;
                         break;
                     }

lms/static/js/dashboard/donation.js

@@ -31,7 +31,7 @@ var edx = edx || {};
                     type: 'hidden',
                     name: key,
                     value: value
-                }).appendTo(form);
+                }).appendTo(form); // xss-lint: disable=javascript-jquery-insert-into-target
             });
         };
 
@@ -98,7 +98,7 @@ var edx = edx || {};
             */
             render: function() {
                 var html = _.template($('#donation-tpl').html())({});
-                this.$el.html(html);
+                this.$el.html(html); // xss-lint: disable=javascript-jquery-html
                 this.$amount = $('input[name="amount"]', this.$el);
                 this.$submit = $('.action-donate', this.$el);
                 this.$errorMsg = $('.donation-error-msg', this.$el);

lms/static/js/toggle_login_modal.js

@@ -39,7 +39,7 @@
             // Deleting the video (clone) prevents the odd back button behavior.
                         var modal_clone = $(modal_id).clone(true, true);
                         modal_clone.attr('id', 'modal_clone');
-                        $(modal_id).after(modal_clone);
+                        $(modal_id).after(modal_clone); // xss-lint: disable=javascript-jquery-insertion
                         modal_id = '#modal_clone';
                     }