authorMax Wu2018-12-28 16:42:55 +0800
committerMax Wu2018-12-28 16:42:55 +0800
commit067cfe2d1eedc5a58e5548785858e38fbaa0e84b (patch)
treeb5aa48f2321cc793c3d389864c89a006401ef472
parentb89a35196a7a0aa5ad25f942b8d7bd4ca392eece (diff)
Fix to escape html comment tag [Security Issue]
Signed-off-by: Max Wu <jackymaxj@gmail.com>
Diffstat (limited to '')
-rw-r--r--public/js/render.js2
1 files changed, 1 insertions, 1 deletions
diff --git a/public/js/render.js b/public/js/render.js
index ff5e2bf2..87e5cfdf 100644
--- a/public/js/render.js
+++ b/public/js/render.js
@@ -45,7 +45,7 @@ var filterXSSOptions = {
// allow comment tag
if (tag === '!--') {
// do not filter its attributes
- return html
+ return html.replace(/<(?!!--)/g, '&lt;').replace(/-->/g, '__HTML_COMMENT_END__').replace(/>/g, '&gt;').replace(/__HTML_COMMENT_END__/g, '-->')
}
},
onTagAttr: function (tag, name, value, isWhiteAttr) {
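Review bot: The added line on the `+` side protects the real `-->` with a plain-text sentinel, `__HTML_COMMENT_END__`, that the comment body itself can also contain, so a literal occurrence of that string in user content is rewritten to `-->` by the last replace and closes the comment early; the negative lookahead likewise keeps any `<!--` that appears inside the body, not only the opening one. A single replace with a callback avoids the sentinel round-trip and needs no placeholder: `return html.replace(/<!--|-->|[<>]/g, function (m) { return m === '<' ? '&lt;' : m === '>' ? '&gt;' : m })`. This keeps the same outputs for the opening `<!--` and closing `-->` while escaping every other `<` and `>` exactly as the committed line intends. The enclosing handler (`onIgnoreTag`, presumably) begins before the hunk, so the `html` argument's exact shape cannot be confirmed from here.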