f.weber/homebrewery
0
0
Fork 0
mirror of https://github.com/naturalcrit/homebrewery.git synced 2026-01-08 14:02:41 +00:00
Code Wiki Activity

Add script sanitization to template.js

Browse Source
This commit is contained in:
G.Ambatte
2024-05-05 20:18:53 +12:00
parent eb0440d36d
commit ffa90c397c
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
client/template.js
View File

@@ -8,6 +8,8 @@ const template = async function(name, title='', props = {}){
}); });
const ogMetaTags = ogTags.join('\n'); const ogMetaTags = ogTags.join('\n');
const cleanProps = JSON.stringify(props).replace(/<\/script/g, '<\\\/script');
return `<!DOCTYPE html> return `<!DOCTYPE html>
<html> <html>
<head> <head>
@@ -23,7 +25,7 @@ const template = async function(name, title='', props = {}){
<body> <body>
<main id="reactRoot">${require(`../build/${name}/ssr.js`)(props)}</main> <main id="reactRoot">${require(`../build/${name}/ssr.js`)(props)}</main>
<script src=${`/${name}/bundle.js`}></script> <script src=${`/${name}/bundle.js`}></script>
<script>start_app(${JSON.stringify(props)})</script> <script>start_app(${cleanProps})</script>
</body> </body>
</html> </html>
`; `;