RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 18:17:44 +00:00
Code Issues Activity Actions

Browser+WebContent: Fix HTML injection in console functions output

Browse source
This commit is contained in:
Linus Groh 2021-04-18 17:27:00 +02:00
parent a178255a8b
commit e37421bddc
2 changed files with 12 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

12
Userland/Services/WebContent/WebContentConsoleClient.cpp
View file

@ -81,7 +81,7 @@ void WebContentConsoleClient::clear_output()
JS::Value WebContentConsoleClient::log()
{
print_html(vm().join_arguments());
print_html(escape_html_entities(vm().join_arguments()));
return JS::js_undefined();
}
@ -90,7 +90,7 @@ JS::Value WebContentConsoleClient::info()
StringBuilder html;
html.append("<span class=\"info\">");
html.append("(i) ");
html.append(vm().join_arguments());
html.append(escape_html_entities(vm().join_arguments()));
html.append("</span>");
print_html(html.string_view());
return JS::js_undefined();
@ -101,7 +101,7 @@ JS::Value WebContentConsoleClient::debug()
StringBuilder html;
html.append("<span class=\"debug\">");
html.append("(d) ");
html.append(vm().join_arguments());
html.append(escape_html_entities(vm().join_arguments()));
html.append("</span>");
print_html(html.string_view());
return JS::js_undefined();
@ -112,7 +112,7 @@ JS::Value WebContentConsoleClient::warn()
StringBuilder html;
html.append("<span class=\"warn\">");
html.append("(w) ");
html.append(vm().join_arguments());
html.append(escape_html_entities(vm().join_arguments()));
html.append("</span>");
print_html(html.string_view());
return JS::js_undefined();
@ -123,7 +123,7 @@ JS::Value WebContentConsoleClient::error()
StringBuilder html;
html.append("<span class=\"error\">");
html.append("(e) ");
html.append(vm().join_arguments());
html.append(escape_html_entities(vm().join_arguments()));
html.append("</span>");
print_html(html.string_view());
return JS::js_undefined();
@ -138,7 +138,7 @@ JS::Value WebContentConsoleClient::clear()
JS::Value WebContentConsoleClient::trace()
{
StringBuilder html;
html.append(vm().join_arguments());
html.append(escape_html_entities(vm().join_arguments()));
auto trace = get_trace();
for (auto& function_name : trace) {
if (function_name.is_empty())