Skip to content

Commit 76b75ab

Browse files
authored
fix xss vulnerabilities in jwArray, jwLambda, jwTargets
1 parent 3c772a7 commit 76b75ab

3 files changed

Lines changed: 3 additions & 3 deletions

File tree

src/extensions/jwArray/index.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -125,7 +125,7 @@ class ArrayType {
125125
}
126126

127127
toMonitorContent() {
128-
return span(this.toString());
128+
return span(escapeHTML(this.toString()));
129129
}
130130

131131
toReporterContent() {

src/extensions/jwLambda/index.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ function formatNumber(x) {
1818

1919
function span(text) {
2020
let el = document.createElement('span')
21-
el.innerHTML = text
21+
el.innerText = text
2222
el.style.display = 'hidden'
2323
el.style.width = '100%'
2424
el.style.boxSizing = 'border-box'

src/extensions/jwTargets/index.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ const Cast = require('../../util/cast')
66

77
function span(text) {
88
let el = document.createElement('span')
9-
el.innerHTML = text
9+
el.innerText = text
1010
el.style.display = 'hidden'
1111
el.style.whiteSpace = 'nowrap'
1212
el.style.width = '100%'

0 commit comments

Comments
 (0)