fixing html sanitiation

2023-12-27 13:13:03 +00:00 · 2023-12-27 13:13:03 +00:00 · fd2c6fd49e
commit fd2c6fd49e
parent bc4a8d60f4
3 changed files with 6 additions and 4 deletions
--- a/frontend/js/app/openappsec-log/list-all/item.js
+++ b/frontend/js/app/openappsec-log/list-all/item.js
@ -28,13 +28,13 @@ module.exports = Mn.View.extend({
            return '#' + (this.object_id || '?');
        },
-        createSpecificTableCell: function(value) {
+	    createSpecificTableCell: function(value) {
            if (value && value.trim() !== '') {
                value = value.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#039;");
                return `<td>${value}</td>`;
            } else {
                return `<td class="text-center">-</td>`;
            }
-        }
+        }        
    }
 });
--- a/frontend/js/app/openappsec-log/list-important/item.js
+++ b/frontend/js/app/openappsec-log/list-important/item.js
@ -30,7 +30,8 @@ module.exports = Mn.View.extend({
        },
        createSpecificTableCell: function(value) {
            if (value && value.trim() !== '') {
-                return `<td>${value}</td>`;
+                value = value.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#039;");
 		return `<td>${value}</td>`;
            } else {
                return `<td class="text-center">-</td>`;
            }
--- a/frontend/js/app/openappsec-log/list-notifications/item.js
+++ b/frontend/js/app/openappsec-log/list-notifications/item.js
@ -30,6 +30,7 @@ module.exports = Mn.View.extend({
        },
        createSpecificTableCell: function(value) {
            if (value && value.trim() !== '') {
                value = value.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#039;");		    
                return `<td>${value}</td>`;
            } else {
                return `<td class="text-center">-</td>`;