Fix slide might able to add unsafe attribute on section tag which cause XSS [Security Issue]
This commit is contained in:
Wu Cheng-Han
parent
f86a9e0c4b
commit
79d5b2c37f
2 changed files with 5 additions and 1 deletions
|
|
@ -1,5 +1,6 @@
|
|||
// allow some attributes
|
||||
var whiteListAttr = ['id', 'class', 'style'];
|
||||
window.whiteListAttr = whiteListAttr;
|
||||
// allow link starts with '.', '/' and custom protocol with '://'
|
||||
var linkRegex = /^([\w|-]+:\/\/)|^([\.|\/])+/;
|
||||
// allow data uri, from https://gist.github.com/bgrins/6194623
|
||||
|
|
|
|||
5
public/js/reveal-markdown.js
Normal file → Executable file
5
public/js/reveal-markdown.js
Normal file → Executable file
|
|
@ -286,7 +286,10 @@
|
|||
nodeValue = nodeValue.substring( 0, matches.index ) + nodeValue.substring( mardownClassesInElementsRegex.lastIndex );
|
||||
node.nodeValue = nodeValue;
|
||||
while( matchesClass = mardownClassRegex.exec( classes ) ) {
|
||||
elementTarget.setAttribute( matchesClass[1], matchesClass[2] );
|
||||
var name = matchesClass[1];
|
||||
var value = matchesClass[2];
|
||||
if (name.substr(0, 5) === 'data-' || whiteListAttr.indexOf(name) !== -1)
|
||||
elementTarget.setAttribute( name, filterXSS.escapeAttrValue(value) );
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue