summaryrefslogtreecommitdiff
path: root/public/js
diff options
context:
space:
mode:
authorWu Cheng-Han2017-09-27 18:21:28 +0800
committerWu Cheng-Han2017-09-27 18:21:28 +0800
commitf2743ff8f87d79556ced7e038dd3486f19f116b0 (patch)
treef34fb6b584082ca7cb20c7d67ba24b1be6c077f0 /public/js
parent9b00afb863e475e9a72d06d61591535bd38d2d3e (diff)
Fix slide mode contains unclosed tags might cause XSS [Security Issue]
Diffstat (limited to '')
-rw-r--r--public/js/slide.js3
1 files changed, 2 insertions, 1 deletions
diff --git a/public/js/slide.js b/public/js/slide.js
index 293ebfe2..59a352ec 100644
--- a/public/js/slide.js
+++ b/public/js/slide.js
@@ -4,9 +4,10 @@
require('../css/extra.css')
require('../css/site.css')
+import { preventXSS } from './render'
import { md, updateLastChange, removeDOMEvents, finishView } from './extra'
-const body = $('.slides').text()
+const body = preventXSS($('.slides').text())
window.createtime = window.lastchangeui.time.attr('data-createtime')
window.lastchangetime = window.lastchangeui.time.attr('data-updatetime')