Fix 1292 - Avoid XSS (#1297)

* Fix 1292 - Avoid XSS * Fix XSS on EffectConfiguration
2025-03-01 10:33:28 +00:00 · 2021-08-19 08:52:17 +02:00
parent 0227694d20
commit bd3e12d3ac
5 changed files with 11 additions and 7 deletions
--- a/assets/webconfig/js/ui_utils.js
+++ b/assets/webconfig/js/ui_utils.js
@@ -1206,3 +1206,7 @@ function showInputOptionsForKey(editor, item, showForKeys, state) {
  }
  showInputOptions(item, elements, state);
 }
+
+function encodeHTML(s) {
+  return s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/"/g, '&quot;');
+}