f.weber/homebrewery
0
0
Fork 0
mirror of https://github.com/naturalcrit/homebrewery.git synced 2026-01-13 23:52:42 +00:00
Code Wiki Activity

Add sanitization of Style content

Browse Source
This commit is contained in:
G.Ambatte
2022-09-28 17:27:11 +13:00
parent a3c7e2f807
commit 8e26161244
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
client/homebrew/brewRenderer/brewRenderer.jsx
View File

@@ -107,6 +107,12 @@ const BrewRenderer = createClass({
return false; return false;
}, },
sanitizeScriptTags : function(content) {
return content
.replace(/<script/ig, '&lt;script')
.replace(/<\/script>/ig, '&lt;/script&gt;');
},
renderPageInfo : function(){ renderPageInfo : function(){
return <div className='pageInfo' ref='main'> return <div className='pageInfo' ref='main'>
<div> <div>
@@ -134,7 +140,7 @@ const BrewRenderer = createClass({
renderStyle : function() { renderStyle : function() {
if(!this.props.style) return; if(!this.props.style) return;
return <div style={{ display: 'none' }} dangerouslySetInnerHTML={{ __html: `<style> ${this.props.style} </style>` }} />; return <div style={{ display: 'none' }} dangerouslySetInnerHTML={{ __html: `<style> ${this.sanitizeScriptTags(this.props.style)} </style>` }} />;
}, },
renderPage : function(pageText, index){ renderPage : function(pageText, index){