1. XSS: error messages use textContent by default, innerHTML only for controlled HTML (CORES link) via allowHtml flag 2. XSS: name search errors built with DOM API, not innerHTML 3. Race condition: concurrent FRN lookups cancel prior request via AbortController tracking 4. Null safety: DOM element guards with error logging 5. Null safety: check.detail uses || "" fallback, \n → <br> 6. Quote form: auto-resets after 3 seconds on successful submit 7. Pricing: discount uses Math.round(total*15)/100 for cent precision 8. Future-proofing: parseFloat for prices instead of parseInt Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| order | ||
| services/telecom | ||
| tools | ||