Go to file

Greg 7497230990 Fix security vulnerabilities found in security review

- Add Content-Security-Policy meta tag restricting external resources
- Add sanitizeEvent/sanitizeTimeline to validate/allowlist data from localStorage and imported JSON
- Escape ev.thumbnail in SVG <image href> with xe() to prevent javascript: URL injection
- Escape dynamic IDs in inline onclick handlers with esc() throughout

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-15 11:54:52 +01:00

.gitignore

Add index.html and gitignore

2026-03-15 11:28:06 +01:00

index.html

Fix security vulnerabilities found in security review

2026-03-15 11:54:52 +01:00

README.md

first commit

2026-03-15 10:26:13 +01:00

README.md

Timelineifyer

A lightweight, browser-based timeline creation and visualization tool. No install, no build step — just open index.html.

Features

Create and manage multiple timelines
Add events with dates, titles, descriptions, URLs, categories, and thumbnail images
Color-coded categories for organizing events
Zoom controls and compact/full date format toggle
Export timelines as SVG or PNG (suitable for PowerPoint)
Import/export timelines as JSON for backup and sharing
Fullscreen presentation mode with keyboard navigation
Light/dark theme
All data persisted in browser localStorage

Usage

Open index.html in any modern browser. No server or dependencies required.

Keyboard Shortcuts (Presentation Mode)

Key	Action
`P`	Toggle presentation mode
`←` / `→`	Navigate between events

Data Storage

Timelines are saved to localStorage under the key timelineifyer. Use the JSON export feature to back up or share your timelines.

Tech Stack

Pure HTML5, CSS3, and vanilla JavaScript — no frameworks or external dependencies.