Skip to content

Commit

Permalink
Fix code scanning alert issue-#1353
Browse files Browse the repository at this point in the history
  • Loading branch information
@JisanAR03 @DonnieBLT
JisanAR03 authored and DonnieBLT committed Nov 1, 2023
1 parent 1005957 commit e0951b4
Showing 1 changed file with 12 additions and 1 deletion.
13 changes: 12 additions & 1 deletion website/static/vendor/bootstrap/js/bootstrap.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,11 @@ function sanitizeSelector(selector) {
// Use a whitelist approach to only allow valid characters in a selector
return selector.replace(/[^\w-#.:]/g, '');
}
function sanitizeInput(input) {
var div = document.createElement('div');
div.appendChild(document.createTextNode(input));
return div.innerHTML;
}
/* ========================================================================
* Bootstrap: transition.js v3.3.7
* http://getbootstrap.com/javascript/#transitions
Expand Down Expand Up @@ -1576,7 +1581,13 @@ function sanitizeSelector(selector) {

Tooltip.prototype.setContent = function () {
var $tip = this.tip()
var title = escapeHTML(this.getTitle())
var title = this.getTitle()
if(this.options.html){
title = sanitizeInput(title);
}
else{
title = sanitizeSelector(title);
}

$tip.find('.tooltip-inner')[this.options.html ? 'html' : 'text'](title)
$tip.removeClass('fade in top bottom left right')
Expand Down

0 comments on commit e0951b4

Please sign in to comment.