jgaunt/CyberChef
2
0
Fork 0
mirror of https://github.com/gchq/CyberChef synced 2025-12-29 06:33:46 +00:00
Code Issues Releases Wiki Activity

Fix XSS for To Table operation and Magic button

Browse Source
This commit is contained in:
j433866
2019-01-31 15:18:37 +00:00
parent 6f8a5ea1be
commit 8b44927cb6
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/web/OutputWaiter.mjs
View File

@@ -478,7 +478,7 @@ class OutputWaiter {
*/
showMagicButton(opSequence, result, recipeConfig) {
const magicButton = document.getElementById("magic");
magicButton.setAttribute("data-original-title", `<i>${opSequence}</i> will produce <span class="data-text">"${Utils.truncate(result, 30)}"</span>`);
magicButton.setAttribute("data-original-title", `<i>${opSequence}</i> will produce <span class="data-text">"${Utils.truncate(Utils.escapeHtml(result), 30)}"</span>`);
magicButton.setAttribute("data-recipe", JSON.stringify(recipeConfig), null, "");
magicButton.classList.remove("hidden");
}