Skip to content

Commit

Permalink
#153 XSS safty improvements
Browse files Browse the repository at this point in the history
  • Loading branch information
Michael Mrowetz committed Mar 26, 2017
1 parent 1d8f487 commit 0a98ffb
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion src/ts/transformers/har-tabs.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,5 +131,5 @@ function makeImgTab(entry: Entry): WaterfallEntryTab {
return makeLazyWaterfallEntryTab(
"Preview",
(detailsHeight: number) => `<img class="preview" style="max-height:${(detailsHeight - 100)}px"
data-src="${entry.request.url}" />`);
data-src="${entry.request.url.replace("\"", "&quot;")}" />`);
}
2 changes: 1 addition & 1 deletion src/ts/transformers/helpers.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ export function makeDefinitionList(dlKeyValues: KvTuple[], addClass: boolean = f
return dlKeyValues
.filter((tuple: KvTuple) => tuple[1] !== undefined)
.map((tuple) => `
<dt ${makeClass(tuple[0])}>${tuple[0]}</dt>
<dt ${makeClass(tuple[0])}>${escapeHtml(tuple[0])}</dt>
<dd>${escapeHtml(tuple[1])}</dd>
`).join("");
}
Expand Down

0 comments on commit 0a98ffb

Please sign in to comment.