Merge pull request #6525 from overleaf/jpa-harden-translations-sanitize
[web] scripts/translations: sanitize: double down on angular xss GitOrigin-RevId: d08deab392942e593e920e648118f0e196af1740
parent
58cf92620a
commit
22ee7d6da2
1 changed files with 3 additions and 0 deletions
|
@ -25,6 +25,9 @@ function sanitize(input) {
|
||||||
a: ['href', 'class'],
|
a: ['href', 'class'],
|
||||||
},
|
},
|
||||||
textFilter(text) {
|
textFilter(text) {
|
||||||
|
// Block Angular XSS
|
||||||
|
if (text === '{') return '{'
|
||||||
|
if (text === '}') return '}'
|
||||||
return text
|
return text
|
||||||
.replace(/\{\{/, '{{')
|
.replace(/\{\{/, '{{')
|
||||||
.replace(/\}\}/, '}}')
|
.replace(/\}\}/, '}}')
|
||||||
|
|
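Review bot: The two added guards in `textFilter` match only a text chunk that is exactly one brace, so a chunk that merely begins or ends with `{` or `}` still passes through unescaped, and the existing `.replace(/\{\{/, …)` and `.replace(/\}\}/, …)` calls below them have no `g` flag and rewrite only the first pair in a chunk. If the sanitizer calls `textFilter` once per text chunk and drops disallowed markup between chunks, braces from neighbouring chunks could presumably still end up adjacent in the output, which is the case this change is meant to close. Escaping every brace regardless of position, `.replace(/\{/g, '&#x7B;')` and `.replace(/\}/g, '&#x7D;')`, would cover the single-brace, multi-pair and split-chunk cases with one rule, provided no translation needs a literal brace to reach Angular. On this page the replacement strings display as literal braces, probably because the mirror decoded HTML entities, so confirm in the file that they are entity-encoded. The body of `sanitize` starts and ends outside the hunk, so any handling elsewhere in it is not visible here.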