mirror of
https://github.com/janeczku/calibre-web
synced 2024-11-24 18:47:23 +00:00
Fix two minor xss
This commit is contained in:
parent
0297823bda
commit
806a5f209f
@ -28,7 +28,7 @@ $( 'body.mailset' ).addClass( 'admin' );
|
|||||||
curHref = window.location.href.split('/');
|
curHref = window.location.href.split('/');
|
||||||
prevHref = document.referrer.split('/');
|
prevHref = document.referrer.split('/');
|
||||||
$( '.navbar-form.navbar-left' )
|
$( '.navbar-form.navbar-left' )
|
||||||
.before( '<div class="plexBack"><a href="' + document.referrer + '"></a></div>' );
|
.before( '<div class="plexBack"><a href="' + encodeURI(document.referrer) + '"></a></div>' );
|
||||||
if ( history.length === 1 ||
|
if ( history.length === 1 ||
|
||||||
curHref[0] +
|
curHref[0] +
|
||||||
curHref[1] +
|
curHref[1] +
|
||||||
@ -43,7 +43,7 @@ if ( history.length === 1 ||
|
|||||||
//Weird missing a after pressing back from edit.
|
//Weird missing a after pressing back from edit.
|
||||||
setTimeout(function() {
|
setTimeout(function() {
|
||||||
if ( $( '.plexBack a').length < 1 ) {
|
if ( $( '.plexBack a').length < 1 ) {
|
||||||
$( '.plexBack' ).append('<a href="' + document.referrer + '"></a>');
|
$( '.plexBack' ).append('<a href="' + encodeURI(document.referrer) + '"></a>');
|
||||||
}
|
}
|
||||||
},10);
|
},10);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user