web-manager 3.2.62 → 3.2.64
Sign up to get free protection for your applications and to get access to all the features.
- package/lib/utilities.js +5 -8
- package/package.json +2 -2
package/lib/utilities.js
CHANGED
|
@@ -108,19 +108,16 @@ Utilities.clipboardCopy = function (input) {
|
|
|
108
108
|
Utilities.escapeHTML = function (str) {
|
|
109
109
|
shadow = shadow || document.createElement('p');
|
|
110
110
|
shadow.innerHTML = '';
|
|
111
|
+
|
|
112
|
+
// This automatically escapes HTML entities like <, >, &, etc.
|
|
111
113
|
shadow.appendChild(document.createTextNode(str));
|
|
112
114
|
|
|
113
|
-
|
|
115
|
+
// This is needed to escape quotes to prevent attribute injection
|
|
116
|
+
return shadow.innerHTML.replace(/["']/g, function(m) {
|
|
114
117
|
switch (m) {
|
|
115
|
-
case '&':
|
|
116
|
-
return '&';
|
|
117
|
-
case '<':
|
|
118
|
-
return '<';
|
|
119
|
-
case '>':
|
|
120
|
-
return '>';
|
|
121
118
|
case '"':
|
|
122
119
|
return '"';
|
|
123
|
-
|
|
120
|
+
default:
|
|
124
121
|
return ''';
|
|
125
122
|
}
|
|
126
123
|
});
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "web-manager",
|
|
3
|
-
"version": "3.2.
|
|
3
|
+
"version": "3.2.64",
|
|
4
4
|
"description": "Easily access important variables such as the query string, current domain, and current page in a single object.",
|
|
5
5
|
"main": "index.js",
|
|
6
6
|
"scripts": {
|
|
@@ -40,7 +40,7 @@
|
|
|
40
40
|
"replace": {}
|
|
41
41
|
},
|
|
42
42
|
"dependencies": {
|
|
43
|
-
"@sentry/browser": "^8.
|
|
43
|
+
"@sentry/browser": "^8.34.0",
|
|
44
44
|
"cookieconsent": "^3.1.1",
|
|
45
45
|
"firebase": "^9.23.0",
|
|
46
46
|
"itwcw-package-analytics": "^1.0.6",
|