Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
luci/modules
History
Jo-Philipp Wich 993151504e luci-base: form.js: do not execute embedded script code in stripTags() 
Instead of relying on .innerHTML which executes embedded script code to
parse a given HTML fragment, use dom.parse() which utilizies DOMParser()
internally in order to extract textContent in a safe manner.

Fixes: FS#4199
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=4199
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-12-23 17:08:21 +01:00
..
luci-base luci-base: form.js: do not execute embedded script code in stripTags() 2021-12-23 17:08:21 +01:00
luci-compat luci-base: prevent empty field for adding new entry 2021-08-11 08:48:41 +02:00
luci-mod-admin-full
luci-mod-admin-mini treewide: removed trailing whitespaces and extra newlines in 'modules' 2021-01-20 17:48:16 +02:00
luci-mod-battstatus Translated using Weblate (Danish) 2021-11-14 19:33:16 +02:00
luci-mod-dashboard Translated using Weblate (Swedish) 2021-12-15 04:54:53 +01:00
luci-mod-network luci-mod-network: wireless.js: retain maclist contents 2021-12-09 15:11:07 +01:00
luci-mod-rpc treewide: removed trailing whitespaces and extra newlines in 'modules' 2021-01-20 17:48:16 +02:00
luci-mod-status luci-mod-status: change "Storage usage" heading to just "Storage" 2021-11-29 16:01:12 +01:00
luci-mod-system luci-mod-system: add missing require to none led trigger class 2021-10-31 22:27:46 +01:00