xuemingqiang/leanote
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix note history xss

Browse Source
This commit is contained in:
lealife
2021-03-27 16:12:46 +08:00
parent 14643d3cf4
commit 0f9733c890
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
public/js/plugins/history.js
View File

@ -49,6 +49,7 @@ define('history', [], function() {
if (this.note.IsMarkdown) { if (this.note.IsMarkdown) {
wrap = '<pre>'; wrap = '<pre>';
wrapEnd = '</pre>'; wrapEnd = '</pre>';
content = trimTitle(content) // for xss
} }
$historyContent.html(wrap + content + wrapEnd); $historyContent.html(wrap + content + wrapEnd);