author | Linus Groh <mail@linusgroh.de> | 2021-04-18 17:27:00 +0200 |
---|---|---|
committer | Linus Groh <mail@linusgroh.de> | 2021-04-18 18:28:17 +0200 |
commit | e37421bddc6a687ab497ef71e7a9eebedc6ab500 (patch) | |
tree | 5720f38eb0d50647da05e3601414911712944e75 /Userland/Applications | |
parent | a178255a8b358b2c89014dc789203a81c3d213a5 (diff) | |
download | serenity-e37421bddc6a687ab497ef71e7a9eebedc6ab500.zip |
Browser+WebContent: Fix HTML injection in console functions output
Diffstat (limited to 'Userland/Applications')
-rw-r--r-- | Userland/Applications/Browser/BrowserConsoleClient.cpp | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/Userland/Applications/Browser/BrowserConsoleClient.cpp b/Userland/Applications/Browser/BrowserConsoleClient.cpp
index e1680f2608..e721553fca 100644
--- a/Userland/Applications/Browser/BrowserConsoleClient.cpp
+++ b/Userland/Applications/Browser/BrowserConsoleClient.cpp
@@ -37,7 +37,7 @@ namespace Browser {
 JS::Value BrowserConsoleClient::log()
 {
-    m_console_widget.print_html(vm().join_arguments());
+    m_console_widget.print_html(escape_html_entities(vm().join_arguments()));
     return JS::js_undefined();
 }
 
@@ -46,7 +46,7 @@ JS::Value BrowserConsoleClient::info()
     StringBuilder html;
     html.append("<span class=\"info\">");
     html.append("(i) ");
-    html.append(vm().join_arguments());
+    html.append(escape_html_entities(vm().join_arguments()));
     html.append("</span>");
     m_console_widget.print_html(html.string_view());
     return JS::js_undefined();
@@ -57,7 +57,7 @@ JS::Value BrowserConsoleClient::debug()
     StringBuilder html;
     html.append("<span class=\"debug\">");
     html.append("(d) ");
-    html.append(vm().join_arguments());
+    html.append(escape_html_entities(vm().join_arguments()));
     html.append("</span>");
     m_console_widget.print_html(html.string_view());
     return JS::js_undefined();
@@ -68,7 +68,7 @@ JS::Value BrowserConsoleClient::warn()
     StringBuilder html;
     html.append("<span class=\"warn\">");
     html.append("(w) ");
-    html.append(vm().join_arguments());
+    html.append(escape_html_entities(vm().join_arguments()));
     html.append("</span>");
     m_console_widget.print_html(html.string_view());
     return JS::js_undefined();
@@ -79,7 +79,7 @@ JS::Value BrowserConsoleClient::error()
     StringBuilder html;
     html.append("<span class=\"error\">");
     html.append("(e) ");
-    html.append(vm().join_arguments());
+    html.append(escape_html_entities(vm().join_arguments()));
     html.append("</span>");
     m_console_widget.print_html(html.string_view());
     return JS::js_undefined();
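Review bot: The expression `escape_html_entities(vm().join_arguments())` is now written out five times in this file section (log, info, debug, warn, error) and a sixth time in trace() in the next hunk, which leaves each future console method to remember the escaping on its own. A small private helper on BrowserConsoleClient, e.g. `auto escaped_arguments() { return escape_html_entities(vm().join_arguments()); }`, called from every method, would keep the escaping in one place. A short comment at the helper would record why it exists: `// Console arguments are script-controlled; they must be escaped before print_html() renders them as markup.` The fixed `<span class="...">` wrappers and `(i) `-style prefixes are literals and need no escaping, so only the argument text needs to pass through the helper.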
@@ -94,7 +94,7 @@ JS::Value BrowserConsoleClient::clear()
 JS::Value BrowserConsoleClient::trace()
 {
     StringBuilder html;
-    html.append(vm().join_arguments());
+    html.append(escape_html_entities(vm().join_arguments()));
     auto trace = get_trace();
     for (auto& function_name : trace) {
         if (function_name.is_empty()) |
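Review bot: In trace() only the joined arguments are escaped; the loop over `get_trace()` that follows appends each `function_name` to the same `html` builder, and the loop body (and the rest of trace()) lies outside the hunk, so it is not clear whether those names pass through `escape_html_entities` too. Function names are chosen by the page's script, so if the loop appends them verbatim the markup would still reach print_html() unescaped through that path. If that is the case, the append in the loop should become `html.append(escape_html_entities(function_name));` so every script-controlled string in the trace output is treated the same way as the arguments.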