eightequal/AstralRinth
1
0
Fork 0
forked from didirus/AstralRinth
Code Pull Requests Activity

Fix lint issues (#1126)

Browse Source
This commit is contained in:
triphora
2023-05-06 10:44:51 -04:00
committed by GitHub
parent f34845fd7d
commit 521e21072e
1 changed files with 10 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
helpers/parse.js
View File

@@ -42,22 +42,25 @@ export const configuredXss = new xss.FilterXSS({
for (const source of allowedSources) { for (const source of allowedSources) {
if (source.regex.test(value)) { if (source.regex.test(value)) {
for (const remove of source.remove) { for (const remove of source.remove) {
let index = value.indexOf(remove); let index = value.indexOf(remove)
do { do {
if (index - 1 > 0 && value.charAt(index - 1) === '?') { if (index - 1 > 0 && value.charAt(index - 1) === '?') {
// need to watch out for two things // need to watch out for two things
// case where its ?stand=alone // case where its ?stand=alone
// case where its ?followed=by&another=queryParam // case where its ?followed=by&another=queryParam
if (index + remove.length < value.length && value.charAt(index + remove.length) === '&') { if (
value = value.replace(`${remove}&`, ''); index + remove.length < value.length &&
value.charAt(index + remove.length) === '&'
) {
value = value.replace(`${remove}&`, '')
} else if (index + remove.length >= value.length) { } else if (index + remove.length >= value.length) {
value = value.replace(`?${remove}`, ''); value = value.replace(`?${remove}`, '')
} }
} else { } else {
value = value.replaceAll(`&${remove}`, ''); // can safely be removed value = value.replaceAll(`&${remove}`, '') // can safely be removed
} }
index = value.indexOf(remove); index = value.indexOf(remove)
} while (index !== -1); } while (index !== -1)
} }
return name + '="' + xss.escapeAttrValue(value) + '"' return name + '="' + xss.escapeAttrValue(value) + '"'
} }