diff options
author | Wu Cheng-Han | 2017-09-27 18:21:28 +0800 |
---|---|---|
committer | Wu Cheng-Han | 2017-09-27 18:21:28 +0800 |
commit | f2743ff8f87d79556ced7e038dd3486f19f116b0 (patch) | |
tree | f34fb6b584082ca7cb20c7d67ba24b1be6c077f0 /public/js | |
parent | 9b00afb863e475e9a72d06d61591535bd38d2d3e (diff) |
Fix slide mode contains unclosed tags might cause XSS [Security Issue]
Diffstat (limited to '')
-rw-r--r-- | public/js/slide.js | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/public/js/slide.js b/public/js/slide.js index 293ebfe2..59a352ec 100644 --- a/public/js/slide.js +++ b/public/js/slide.js @@ -4,9 +4,10 @@ require('../css/extra.css') require('../css/site.css') +import { preventXSS } from './render' import { md, updateLastChange, removeDOMEvents, finishView } from './extra' -const body = $('.slides').text() +const body = preventXSS($('.slides').text()) window.createtime = window.lastchangeui.time.attr('data-createtime') window.lastchangetime = window.lastchangeui.time.attr('data-updatetime') |