infosecn1nja
/
CyberChef
mirror of https://github.com/infosecn1nja/CyberChef.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'j433866-xss_fixes'

master
n1474335 2019-02-08 17:06:32 +00:00
parent d54d66cffc 821bc9405c
commit 310ff30278
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/core/operations/ToTable.mjs
View File

@ -57,7 +57,7 @@ class ToTable extends Operation {
const [cellDelims, rowDelims, firstRowHeader, format] = args; const [cellDelims, rowDelims, firstRowHeader, format] = args;
// Process the input into a nested array of elements. // Process the input into a nested array of elements.
const tableData = Utils.parseCSV(input, cellDelims.split(""), rowDelims.split("")); const tableData = Utils.parseCSV(Utils.escapeHtml(input), cellDelims.split(""), rowDelims.split(""));
if (!tableData.length) return ""; if (!tableData.length) return "";

2
src/web/OutputWaiter.mjs
View File

@ -478,7 +478,7 @@ class OutputWaiter {
*/ */
showMagicButton(opSequence, result, recipeConfig) { showMagicButton(opSequence, result, recipeConfig) {
const magicButton = document.getElementById("magic"); const magicButton = document.getElementById("magic");
magicButton.setAttribute("data-original-title", `<i>${opSequence}</i> will produce <span class="data-text">"${Utils.truncate(result, 30)}"</span>`); magicButton.setAttribute("data-original-title", `<i>${opSequence}</i> will produce <span class="data-text">"${Utils.escapeHtml(Utils.truncate(result), 30)}"</span>`);
magicButton.setAttribute("data-recipe", JSON.stringify(recipeConfig), null, ""); magicButton.setAttribute("data-recipe", JSON.stringify(recipeConfig), null, "");
magicButton.classList.remove("hidden"); magicButton.classList.remove("hidden");
} }