fix: Escape HTML (#359)
This commit is contained in:
Kroese
GitHub
parent
910b2a8c4e
commit
4818cd57bb
3 changed files with 25 additions and 9 deletions
|
|
@ -65,8 +65,8 @@ getSize() {
|
||||||
local DISK_FILE=$1
|
local DISK_FILE=$1
|
||||||
local DISK_EXT DISK_FMT
|
local DISK_EXT DISK_FMT
|
||||||
|
|
||||||
DISK_EXT="$(echo "${DISK_FILE//*./}" | sed 's/^.*\.//')"
|
DISK_EXT=$(echo "${DISK_FILE//*./}" | sed 's/^.*\.//')
|
||||||
DISK_FMT="$(ext2fmt "$DISK_EXT")"
|
DISK_FMT=$(ext2fmt "$DISK_EXT")
|
||||||
|
|
||||||
case "${DISK_FMT,,}" in
|
case "${DISK_FMT,,}" in
|
||||||
raw)
|
raw)
|
||||||
|
|
@ -378,7 +378,7 @@ addDisk () {
|
||||||
else
|
else
|
||||||
PREV_FMT="qcow2"
|
PREV_FMT="qcow2"
|
||||||
fi
|
fi
|
||||||
PREV_EXT="$(fmt2ext "$PREV_FMT")"
|
PREV_EXT=$(fmt2ext "$PREV_FMT")
|
||||||
|
|
||||||
if [ -f "$DISK_BASE.$PREV_EXT" ] ; then
|
if [ -f "$DISK_BASE.$PREV_EXT" ] ; then
|
||||||
convertDisk "$DISK_BASE.$PREV_EXT" "$PREV_FMT" "$DISK_FILE" "$DISK_FMT" "$DISK_BASE" "$DISK_DESC" "$FS" || exit $?
|
convertDisk "$DISK_BASE.$PREV_EXT" "$PREV_FMT" "$DISK_FILE" "$DISK_FMT" "$DISK_BASE" "$DISK_DESC" "$FS" || exit $?
|
||||||
|
|
@ -441,7 +441,7 @@ if [ -z "$DISK_FMT" ]; then
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
DISK_EXT="$(fmt2ext "$DISK_FMT")" || exit $?
|
DISK_EXT=$(fmt2ext "$DISK_FMT")
|
||||||
|
|
||||||
if [ -z "$ALLOCATE" ]; then
|
if [ -z "$ALLOCATE" ]; then
|
||||||
if [[ "${DISK_FMT,,}" == "raw" ]]; then
|
if [[ "${DISK_FMT,,}" == "raw" ]]; then
|
||||||
|
|
|
||||||
|
|
@ -168,7 +168,7 @@ configureNAT() {
|
||||||
update-alternatives --set iptables /usr/sbin/iptables-legacy > /dev/null
|
update-alternatives --set iptables /usr/sbin/iptables-legacy > /dev/null
|
||||||
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy > /dev/null
|
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy > /dev/null
|
||||||
|
|
||||||
exclude="$(getPorts "$HOST_PORTS")"
|
exclude=$(getPorts "$HOST_PORTS")
|
||||||
|
|
||||||
iptables -t nat -A POSTROUTING -o "$VM_NET_DEV" -j MASQUERADE
|
iptables -t nat -A POSTROUTING -o "$VM_NET_DEV" -j MASQUERADE
|
||||||
# shellcheck disable=SC2086
|
# shellcheck disable=SC2086
|
||||||
|
|
|
||||||
24
src/reset.sh
24
src/reset.sh
|
|
@ -42,11 +42,27 @@ VERS=$(qemu-system-x86_64 --version | head -n 1 | cut -d '(' -f 1)
|
||||||
|
|
||||||
# Helper functions
|
# Helper functions
|
||||||
|
|
||||||
|
escape () {
|
||||||
|
local s
|
||||||
|
s=${1//&/\&}
|
||||||
|
s=${s//</\<}
|
||||||
|
s=${s//>/\>}
|
||||||
|
s=${s//'"'/\"}
|
||||||
|
printf -- %s "$s"
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
html()
|
html()
|
||||||
{
|
{
|
||||||
local title="<title>$APP</title>"
|
local title
|
||||||
|
local body
|
||||||
local body="$1"
|
local footer
|
||||||
|
|
||||||
|
title=$(escape "$APP")
|
||||||
|
title="<title>$title</title>"
|
||||||
|
footer=$(escape "$FOOTER1")
|
||||||
|
|
||||||
|
body=$(escape "$1")
|
||||||
if [[ "$body" == *"..." ]]; then
|
if [[ "$body" == *"..." ]]; then
|
||||||
body="<p class=\"loading\">${body/.../}</p>"
|
body="<p class=\"loading\">${body/.../}</p>"
|
||||||
fi
|
fi
|
||||||
|
|
@ -61,7 +77,7 @@ html()
|
||||||
HTML="${HTML/\[1\]/$title}"
|
HTML="${HTML/\[1\]/$title}"
|
||||||
HTML="${HTML/\[2\]/$script}"
|
HTML="${HTML/\[2\]/$script}"
|
||||||
HTML="${HTML/\[3\]/$body}"
|
HTML="${HTML/\[3\]/$body}"
|
||||||
HTML="${HTML/\[4\]/$FOOTER1}"
|
HTML="${HTML/\[4\]/$footer}"
|
||||||
HTML="${HTML/\[5\]/$FOOTER2}"
|
HTML="${HTML/\[5\]/$FOOTER2}"
|
||||||
|
|
||||||
echo "$HTML" > "$PAGE"
|
echo "$HTML" > "$PAGE"
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue