1
0
mirror of https://github.com/janeczku/calibre-web synced 2024-11-24 18:47:23 +00:00

Merge remote-tracking branch 'js_caliblur/xss'

This commit is contained in:
Ozzieisaacs 2020-04-29 12:08:51 +02:00
commit 9a7d9da654

View File

@ -28,7 +28,7 @@ $( 'body.mailset' ).addClass( 'admin' );
curHref = window.location.href.split('/'); curHref = window.location.href.split('/');
prevHref = document.referrer.split('/'); prevHref = document.referrer.split('/');
$( '.navbar-form.navbar-left' ) $( '.navbar-form.navbar-left' )
.before( '<div class="plexBack"><a href="' + document.referrer + '"></a></div>' ); .before( '<div class="plexBack"><a href="' + encodeURI(document.referrer) + '"></a></div>' );
if ( history.length === 1 || if ( history.length === 1 ||
curHref[0] + curHref[0] +
curHref[1] + curHref[1] +
@ -43,7 +43,7 @@ if ( history.length === 1 ||
//Weird missing a after pressing back from edit. //Weird missing a after pressing back from edit.
setTimeout(function() { setTimeout(function() {
if ( $( '.plexBack a').length < 1 ) { if ( $( '.plexBack a').length < 1 ) {
$( '.plexBack' ).append('<a href="' + document.referrer + '"></a>'); $( '.plexBack' ).append('<a href="' + encodeURI(document.referrer) + '"></a>');
} }
},10); },10);