From b8d36e7a18b9a63a5774688f1dc6fbb17892d45f Mon Sep 17 00:00:00 2001
From: Ali-D-Akbar
Date: Wed, 14 Apr 2021 16:42:57 +0500
Subject: [PATCH 1/3] refactor: disable xss PROD-2316
---
 lms/static/js/dashboard/donation.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lms/static/js/dashboard/donation.js b/lms/static/js/dashboard/donation.js
index 0ea1fb92bd..3618c79d4a 100644
--- a/lms/static/js/dashboard/donation.js
+++ b/lms/static/js/dashboard/donation.js
@@ -31,7 +31,7 @@ var edx = edx || {};
 type: 'hidden',
 name: key,
 value: value
- }).appendTo(form);
+ }).appendTo(form); // xss-lint: disable=javascript-jquery-insert-into-target
 });
 };
@@ -98,7 +98,7 @@ var edx = edx || {};
 */
 render: function() {
 var html = _.template($('#donation-tpl').html())({});
- this.$el.html(html);
+ this.$el.html(html); // xss-lint: disable=javascript-jquery-html
 this.$amount = $('input[name="amount"]', this.$el);
 this.$submit = $('.action-donate', this.$el);
 this.$errorMsg = $('.donation-error-msg', this.$el);
From f82955bb62c39e7150c08fed760734c6cb8fecb1 Mon Sep 17 00:00:00 2001
From: Ali-D-Akbar
Date: Wed, 14 Apr 2021 16:56:51 +0500
Subject: [PATCH 2/3] refactor: disable xss PROD-2313
---
 lms/static/js/toggle_login_modal.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lms/static/js/toggle_login_modal.js b/lms/static/js/toggle_login_modal.js
index 4c2f9a424e..1120115993 100644
--- a/lms/static/js/toggle_login_modal.js
+++ b/lms/static/js/toggle_login_modal.js
@@ -39,7 +39,7 @@
 // Deleting the video (clone) prevents the odd back button behavior.
 var modal_clone = $(modal_id).clone(true, true);
 modal_clone.attr('id', 'modal_clone');
- $(modal_id).after(modal_clone);
+ $(modal_id).after(modal_clone); // xss-lint: disable=javascript-jquery-insertion
 modal_id = '#modal_clone';
 }
From eb1eb06bbd92cc5828586420959e6c9ffda886c8 Mon Sep 17 00:00:00 2001
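Review bot: The suppression on `.appendTo(form)` carries no reason, so a later reader cannot tell why the `javascript-jquery-insert-into-target` finding was judged safe. The object literal in the hunk (`type`, `name`, `value`) suggests the element is built through jQuery's attribute-map form, which sets attributes rather than parsing markup, but the constructor call starts above the hunk, so that should be confirmed. I would record the rationale on the line above, e.g. `// Safe: the input is created from an attribute map, so key and value are never parsed as HTML.` The same bare suppression appears on `$(modal_id).after(modal_clone)` in toggle_login_modal.js; there the comment should say that `modal_clone` is a clone of an existing node and, since `modal_id` is assigned outside that hunk, where the selector string comes from.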
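Review bot: In `render`, `this.$el.html(html)` is silenced rather than routed through the safe helper that the `javascript-jquery-html` rule exists to steer towards. The template is rendered with an empty data object, so nothing is interpolated in the visible lines and the risk looks low, but the pragma will also hide any data passed to the template later. If `edx.HtmlUtils` is loaded on this page (not visible here), `edx.HtmlUtils.setHtml(this.$el, edx.HtmlUtils.template($('#donation-tpl').html())({}));` removes the need for the pragma; otherwise add a comment stating that the template takes no data. `render` continues past the end of the hunk.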
From: Ali-D-Akbar
Date: Wed, 14 Apr 2021 17:21:31 +0500
Subject: [PATCH 3/3] refactor: disable xss PROD-2312
---
 lms/static/js/Markdown.Sanitizer.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lms/static/js/Markdown.Sanitizer.js b/lms/static/js/Markdown.Sanitizer.js
index ea4cf7d52b..04635108fc 100644
--- a/lms/static/js/Markdown.Sanitizer.js
+++ b/lms/static/js/Markdown.Sanitizer.js
@@ -63,7 +63,7 @@
 tagname = tags[ctag].replace(/<\/?(\w+).*/, '$1');
 // skip any already paired tags
 // and skip tags in our ignore list; assume they're self-closed
- if (tagpaired[ctag] || ignoredtags.search('<' + tagname + '>') > -1) { continue; }
+ if (tagpaired[ctag] || ignoredtags.search('<' + tagname + '>') > -1) { continue; } // eslint-disable-line max-len, xss-lint: disable=javascript-concat-html
 tag = tags[ctag];
 match = -1;
@@ -72,7 +72,7 @@
 // this is an opening tag
 // search forwards (next tags), look for closing tags
 for (var ntag = ctag + 1; ntag < tagcount; ntag++) {
- if (!tagpaired[ntag] && tags[ntag] == '') {
+ if (!tagpaired[ntag] && tags[ntag] === '') { // eslint-disable-line max-len, xss-lint: disable=javascript-concat-html
 match = ntag;
 break;
 }
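Review bot: The first `if` passes a concatenated string to `ignoredtags.search(...)`, and `String.prototype.search` converts a string argument to a regular expression, so the lookup is a regex match rather than the literal ignore-list test the comment describes. `tagname` comes from the `\w+` capture on the line above, which keeps metacharacters out when that pattern matches; when it does not match, `replace` returns the tag unchanged. Since this line in a sanitizer is being touched anyway, `ignoredtags.indexOf('<' + tagname + '>') > -1` would make the literal intent explicit, and the pragma deserves a reason on the line above such as `// concatenation builds a lookup key, not markup`. The enclosing loop starts and ends outside the hunk.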
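Review bot: The `==` to `===` change in the inner `if` is a behaviour-affecting edit inside a commit described only as disabling xss-lint. Both operands appear to be strings, so the result should not change, but the commit message should mention it so that an edit to a sanitizer can be reviewed on its own. As rendered here the right-hand operand reads `''`, which looks truncated given the `javascript-concat-html` pragma on the same line; the comparison should be checked against the file itself. The `for` loop closes outside the hunk.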