TRKJ/EdgeAdmin
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeAdmin.git synced 2025-11-06 06:40:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

修复访问日志XSS漏洞

Browse Source
This commit is contained in:
刘祥超
2022-02-23 17:34:54 +08:00
parent 5fe1384e55
commit 619934a275
3 changed files with 12 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
web/public/js/components.js
View File

@@ -12246,9 +12246,10 @@ Vue.component("keyword", {
}, },
methods: { methods: {
encodeHTML: function (s) { encodeHTML: function (s) {
s = s.replace("&", "&") s = s.replace(/&/g, "&")
s = s.replace("<", "&lt;") s = s.replace(/</g, "&lt;")
s = s.replace(">", "&gt;") s = s.replace(/>/g, "&gt;")
s = s.replace(/"/g, "&quot;")
return s return s
} }
}, },

7
web/public/js/components/common/keyword.js
View File

@@ -25,9 +25,10 @@ Vue.component("keyword", {
}, },
methods: { methods: {
encodeHTML: function (s) { encodeHTML: function (s) {
s = s.replace("&", "&amp;") s = s.replace(/&/g, "&amp;")
s = s.replace("<", "&lt;") s = s.replace(/</g, "&lt;")
s = s.replace(">", "&gt;") s = s.replace(/>/g, "&gt;")
s = s.replace(/"/g, "&quot;")
return s return s
} }
}, },

8
web/public/js/utils.js
View File

@@ -624,10 +624,10 @@ window.teaweb = {
return instance return instance
}, },
encodeHTML: function (s) { encodeHTML: function (s) {
s = s.replace("&", "&amp;") s = s.replace(/&/g, "&amp;")
s = s.replace("<", "&lt;") s = s.replace(/</g, "&lt;")
s = s.replace(">", "&gt;") s = s.replace(/>/g, "&gt;")
s = s.replace("\"", "&quot;") s = s.replace(/"/, "&quot;")
return s return s
} }
} }