RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 02:27:35 +00:00
Code Issues Activity Actions

Browser: Escape JS source operators for HTML display in console

Browse source 
Console inputs to try before and after this patch:
- `0xffff & 0xff`
- `"a & b"`
- `"<div>"`
- `a &` (to see the escaping in the error hint)
This commit is contained in:
Nico Weber 2020-07-22 21:43:08 -04:00 committed by Andreas Kling
parent 65ec655b0d
commit c4d9d5cc54
2 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Applications/Browser/ConsoleWidget.cpp
View file

@ -91,7 +91,7 @@ ConsoleWidget::ConsoleWidget()
auto error = parser.errors()[0];
auto hint = error.source_location_hint(js_source);
if (!hint.is_empty())
output_html.append(String::format("<pre>%s</pre>", hint.characters()));
output_html.append(String::format("<pre>%s</pre>", escape_html_entities(hint).characters()));
m_interpreter->throw_exception<JS::SyntaxError>(error.to_string());
} else {
m_interpreter->run(m_interpreter->global_object(),*program);