forked from mirror/_s
There is no actual vulnerability in the existing implementation, as we can only fetch existing elements (no DOM injection is possible). Plus, the only call occurring on those elements is `HTMLElement#focus`. Consider this an extra, more future-proof precaution. |
||
---|---|---|
.. | ||
customizer.js | ||
navigation.js | ||
skip-link-focus-fix.js |