Fabio/qemu-arm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: Escape HTML (#359)

Browse source
This commit is contained in:
Kroese 2024-01-20 16:47:01 +01:00 committed by GitHub
parent 910b2a8c4e
commit 4818cd57bb
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 25 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/disk.sh
View file

@ -65,8 +65,8 @@ getSize() {
local DISK_FILE=$1
local DISK_EXT DISK_FMT
DISK_EXT="$(echo "${DISK_FILE//*./}" | sed 's/^.*\.//')"
DISK_FMT="$(ext2fmt "$DISK_EXT")"
DISK_EXT=$(echo "${DISK_FILE//*./}" | sed 's/^.*\.//')
DISK_FMT=$(ext2fmt "$DISK_EXT")
case "${DISK_FMT,,}" in
raw)
@ -378,7 +378,7 @@ addDisk () {
else
PREV_FMT="qcow2"
fi
PREV_EXT="$(fmt2ext "$PREV_FMT")"
PREV_EXT=$(fmt2ext "$PREV_FMT")
if [ -f "$DISK_BASE.$PREV_EXT" ] ; then
convertDisk "$DISK_BASE.$PREV_EXT" "$PREV_FMT" "$DISK_FILE" "$DISK_FMT" "$DISK_BASE" "$DISK_DESC" "$FS" || exit $?
@ -441,7 +441,7 @@ if [ -z "$DISK_FMT" ]; then
fi
fi
DISK_EXT="$(fmt2ext "$DISK_FMT")" || exit $?
DISK_EXT=$(fmt2ext "$DISK_FMT")
if [ -z "$ALLOCATE" ]; then
if [[ "${DISK_FMT,,}" == "raw" ]]; then

2
src/network.sh
View file

@ -168,7 +168,7 @@ configureNAT() {
update-alternatives --set iptables /usr/sbin/iptables-legacy > /dev/null
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy > /dev/null
exclude="$(getPorts "$HOST_PORTS")"
exclude=$(getPorts "$HOST_PORTS")
iptables -t nat -A POSTROUTING -o "$VM_NET_DEV" -j MASQUERADE
# shellcheck disable=SC2086

24
src/reset.sh
View file

@ -42,11 +42,27 @@ VERS=$(qemu-system-x86_64 --version | head -n 1 | cut -d '(' -f 1)
# Helper functions
escape () {
local s
s=${1//&/\&}
s=${s//</\&lt;}
s=${s//>/\&gt;}
s=${s//'"'/\&quot;}
printf -- %s "$s"
return 0
}
html()
{
local title="<title>$APP</title>"
local body="$1"
local title
local body
local footer
title=$(escape "$APP")
title="<title>$title</title>"
footer=$(escape "$FOOTER1")
body=$(escape "$1")
if [[ "$body" == *"..." ]]; then
body="<p class=\"loading\">${body/.../}</p>"
fi
@ -61,7 +77,7 @@ html()
HTML="${HTML/\[1\]/$title}"
HTML="${HTML/\[2\]/$script}"
HTML="${HTML/\[3\]/$body}"
HTML="${HTML/\[4\]/$FOOTER1}"
HTML="${HTML/\[4\]/$footer}"
HTML="${HTML/\[5\]/$FOOTER2}"
echo "$HTML" > "$PAGE"