i missed a few xss spots

GDColon 2020-05-13 09:55:57 -04:00
parent 662a26d6f4
commit f9a018a3d6
3 changed files with 7 additions and 3 deletions


@ -89,6 +89,8 @@
<script async type="text/javascript" src="../assets/sizecheck.js"></script>
<script>
function clean(text) {return text.replace(/&/g, "&#38;").replace(/</g, "&#60;").replace(/>/g, "&#62;").replace(/=/g, "&#61;").replace(/"/g, "&#34;").replace(/'/g, "&#39;")}
let disabledPortals = []
let formPortals = ['cube', 'ship', 'ball', 'ufo', 'wave', 'robot', 'spider']
let speedPortals = ['-1x', '1x', '2x', '3x', '4x']
@ -227,7 +229,7 @@ appendPortals()
$('#levelCode').html('<p>Loading...</p>')
window.setTimeout(function () { //small delay so "loading" message appears
$('#levelCode').html(`<p class="codeFont">${res.data}</p>`)}, 50);
$('#levelCode').html(`<p class="codeFont">${clean(res.data)}</p>`)}, 50);
$('#levelCode').focus().select()
})
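Review bot: `clean(res.data)` on the new line will throw a TypeError inside the setTimeout callback whenever `res.data` is not a string (a number, or an object from an unexpected response), because the `clean` added to this file has no type guard — unlike the guarded variant visible in the search-page section of this same commit. Since the value is only ever rendered as text, building the node with jQuery's text setter avoids both the crash and the hand-rolled escaping: `$('#levelCode').empty().append($('<p class="codeFont">').text(String(res.data)))`. The callback that supplies `res` begins above this hunk, so I cannot see what shape `res.data` is guaranteed to have. Escaping `=` in `clean` is harmless but not needed for text or quoted-attribute contexts.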


@ -131,7 +131,7 @@ if (mode == "top") {
$('#topSort').attr('src', "../assets/sort-likes-on.png")
}
function clean(text) {if (!text || typeof text != "string") return text; else return text.replace(/&/g, "&#38;").replace(/</g, "&#60;").replace(/>/g, "&#62;").replace(/=/g, "&#61;").replace(/"/g, "&#34;").replace(/'/g, "&#39;")}
function clean(text) {return text.replace(/&/g, "&#38;").replace(/</g, "&#60;").replace(/>/g, "&#62;").replace(/=/g, "&#61;").replace(/"/g, "&#34;").replace(/'/g, "&#39;")}
$('#compactMode').attr('src', `../assets/compact-${compact ? "on" : "off"}.png`)
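Review bot: The two `clean` bodies in this hunk differ only in the `if (!text || typeof text != "string") return text;` guard, and this page does not show which side is old, so I cannot tell whether the guard is being added or dropped; either way the commit leaves three hand-copied `clean` definitions (the ones added to the level and profile pages are unguarded) that already disagree and will drift further. Move the escaper into one shared script loaded by all three pages so the escape list cannot diverge, and in the guarded form prefer `typeof text !== "string"` and `text == null` over the loose checks. Note that the guarded form returns non-string input unescaped rather than stringifying it; `return text == null ? "" : String(text).replace(...)` would escape numbers and other values uniformly.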


@ -153,6 +153,8 @@
<script>
function clean(text) {return text.replace(/&/g, "&#38;").replace(/</g, "&#60;").replace(/>/g, "&#62;").replace(/=/g, "&#61;").replace(/"/g, "&#34;").replace(/'/g, "&#39;")}
let messageText = 'Your <span style="color: yellow">Geometry Dash password</span> will <span style="color: lime">not be stored</span> anywhere on the site, both <span style="color:rgb(113, 234, 255)">locally and server-side.</span> You can view the code used for profile posts <a class="menuLink" target="_blank" href="https://github.com/GDColon/GDBrowser/blob/master/api/post/postProfileComment.js">here</a>.'
$('#message').html(messageText)
$('#likeMessage').html(messageText.replace("profile posts", "liking posts").replace("postProfileComment", "like"))
@ -236,7 +238,7 @@ fetch(`../api/comments/[[ACCOUNTID]]?type=profile&page=${page}`).then(res => res
<div class="comment">
<h2>[[USERNAME]]</h2>
<div class="commentAlign">
<p class="commentText" style="color: rgb(${"[[USERNAME]]" == "RobTop" ? "50, 255, 255" : "[[MODERATOR]]" == "2" ? "75, 255, 75" : x.browserColor ? "255, 180, 255" : "255, 255, 255"})">${x.content}</p>
<p class="commentText" style="color: rgb(${"[[USERNAME]]" == "RobTop" ? "50, 255, 255" : "[[MODERATOR]]" == "2" ? "75, 255, 75" : x.browserColor ? "255, 180, 255" : "255, 255, 255"})">${clean(x.content)}</p>
</div>
</div>
<p class="commentDate">${x.date}</p>
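Review bot: `x.content` is now escaped, but `x.date` on the last line of this hunk is still interpolated raw into the same template literal; if it comes from the same `../api/comments/...` response as `x.content` it should go through the escaper too, `<p class="commentDate">${clean(x.date)}</p>`, unless the server is known to generate that string itself. The `fetch(...).then(...)` callback that builds this markup starts above the hunk, so I cannot see whether `x.date` is already sanitised or whether `x.content` can be undefined (the unguarded `clean` added at the top of this file throws on non-strings). Separately, the `"[[USERNAME]]"` and `"[[MODERATOR]]"` comparisons on the changed line are server-side substitutions into a JavaScript string literal, a context where HTML escaping does not help; worth confirming the substitution rejects quotes and backslashes, which this commit does not address.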