Fix for the XSS vulnerability

retrymp3
2024-11-14 23:00:30 +05:30
parent 9af3fe9c97
commit e66e59048f


@@ -37,6 +37,7 @@ class Tags extends Component
$this->validate(); $this->validate();
$tags = str($this->newTags)->trim()->explode(' '); $tags = str($this->newTags)->trim()->explode(' ');
foreach ($tags as $tag) { foreach ($tags as $tag) {
$tag = strip_tags($tag);
if (strlen($tag) < 2) { if (strlen($tag) < 2) {
$this->dispatch('error', 'Invalid tag.', "Tag <span class='dark:text-warning'>$tag</span> is invalid. Min length is 2."); $this->dispatch('error', 'Invalid tag.', "Tag <span class='dark:text-warning'>$tag</span> is invalid. Min length is 2.");
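Review bot: `strip_tags()` is an input filter, not an output encoder, and the value is still interpolated raw into the HTML string passed to `dispatch('error', …)` here and again in the `addTag` hunk below. It can silently drop the rest of a value after a stray `<`, and it leaves `&` and quote characters unencoded, so the message is only safe if the front end happens to render it safely, which this diff does not show. Encoding at the point of interpolation is more robust and leaves the user's input intact, e.g. `"Tag <span class='dark:text-warning'>" . e($tag) . "</span> is invalid. Min length is 2."`, with `e($name)` in the `addTag` message. Both enclosing methods continue outside the hunks, so it is also worth checking whether the stripped `$tag` is what gets persisted and whether other messages built from it need the same encoding.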
@@ -65,6 +66,7 @@ class Tags extends Component
public function addTag(string $id, string $name) public function addTag(string $id, string $name)
{ {
try { try {
$name = strip_tags($name);
if ($this->resource->tags()->where('id', $id)->exists()) { if ($this->resource->tags()->where('id', $id)->exists()) {
$this->dispatch('error', 'Duplicate tags.', "Tag <span class='dark:text-warning'>$name</span> already added."); $this->dispatch('error', 'Duplicate tags.', "Tag <span class='dark:text-warning'>$name</span> already added.");