Archives/ohwgiles_laminar
1
0
Fork 0
mirror of https://github.com/ohwgiles/laminar.git synced 2025-06-13 12:54:29 +00:00
Code Issues Projects Releases Wiki Activity

escape html tags in log output

Browse Source 
While normally this isn't enough to prevent XSS, this output will only
appear in the body of a <pre>, and anyway the scripts are semi-privileged
This commit is contained in:
Oliver Giles 2017-12-21 08:46:00 +02:00
parent 3129f0e73b
commit 1f23ec5fb2
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/resources/js/app.js
View File

@ -430,7 +430,7 @@ const Run = function() {
}; };
var firstLog = false; var firstLog = false;
var logHandler = function(vm, d) { var logHandler = function(vm, d) {
state.log += d; state.log += d.replace(/</g,'&lt;').replace(/>/g,'&gt;');
vm.$forceUpdate(); vm.$forceUpdate();
if (!firstLog) { if (!firstLog) {
firstLog = true; firstLog = true;