
fix: fix xss
qwqtw committed Dec 7, 2023
1 parent 2b56a1f commit c7df3cf
Showing 1 changed file with 14 additions and 6 deletions.
20 changes: 14 additions & 6 deletions lms/templates/courseware/courses.html
Expand Up @@ -332,24 +332,26 @@ <h2 class="header-search-facets">${_('Refine Your Search')}</h2>
var message;

if (searchTerm === '') {
// If no search term is entered, use the current discovery message
// Use textContent to safely set the text
message = currentMessage;
} else {
// If a search term is entered, format the message
// Sanitize and escape user input
searchTerm = encodeHTML(searchTerm);

var numberOfCourses = currentMessage.includes("any") ? 0 : parseInt(currentMessage.match(/\d+/)[0]);
var courseWord = numberOfCourses === 1 ? "course" : "courses"; // Singular or plural
message = "<b>" + numberOfCourses + "</b> " + courseWord + " find for \"" + searchTerm + "\"";
var courseWord = numberOfCourses === 1 ? "course" : "courses";
message = numberOfCourses + " " + courseWord + " found for \"" + searchTerm + "\"";
}

var resultsContainer = document.getElementById('search-results-container');
var existingElement = resultsContainer.querySelector('.search-results-count');

if (existingElement) {
existingElement.innerHTML = message; // Use innerHTML to interpret HTML tags
existingElement.textContent = message; // Use textContent for security
} else {
var newElement = document.createElement('div');
newElement.className = 'search-results-count';
newElement.innerHTML = message; // Use innerHTML to interpret HTML tags
newElement.textContent = message; // Use textContent for security
resultsContainer.appendChild(newElement);
}
}
Expand All @@ -365,6 +367,12 @@ <h2 class="header-search-facets">${_('Refine Your Search')}</h2>
}, 500);
});
});

// Function to escape HTML in user input
function encodeHTML(str){
return str.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;').replace(/'/g, '&#039;');
}

</script>

</section>
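Review bot: The added `searchTerm = encodeHTML(searchTerm);` in the first hunk now double-escapes, because the same hunk switches both assignments to `textContent`, which inserts the string literally and never parses entities; a query containing `<`, `&` or a quote is therefore displayed to the user as `&lt;`, `&amp;` or `&quot;` rather than as typed. Dropping that line and keeping `textContent` is sufficient to close the injection, since textContent cannot create markup; if the bold count from the removed `<b>` wrapper is still wanted, build it with `document.createElement('b')` and per-node `textContent` rather than by escaping into an HTML string. The `encodeHTML` declaration added in the second hunk then becomes unused, and its JSDoc (if kept) should say it is for contexts that genuinely need an HTML string, not for textContent sinks. The enclosing function of the first hunk starts before the hunk, so the origin of `searchTerm` and `currentMessage` is not visible here; the pre-existing `currentMessage.match(/\d+/)[0]` and radix-less `parseInt` on the `var numberOfCourses` line are unchanged by this commit but look like they throw or misparse when the message carries no digit.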
