renun/siyuan
1
0
Fork 0
mirror of https://github.com/siyuan-note/siyuan.git synced 2025-02-28 05:32:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

🔒 Some XSS vulnerabilities https://github.com/siyuan-note/siyuan/issues/13171

Browse Source
This commit is contained in:
Daniel
2024-11-17 11:34:38 +08:00
parent 74db798a04
commit 096fea2c8f
4 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
kernel/filesys/tree.go
View File

@@ -169,7 +169,7 @@ func LoadTreeByData(data []byte, boxID, p string, luteEngine *lute.Lute) (ret *p
if "" == title {
title = "Untitled"
}
hPathBuilder.WriteString(title)
hPathBuilder.WriteString(util.UnescapeHTML(title))
hPathBuilder.WriteString("/")
}
hPathBuilder.WriteString(ret.Root.IALAttr("title"))
@@ -301,13 +301,3 @@ func parseJSON2Tree(boxID, p string, jsonData []byte, luteEngine *lute.Lute) (re
}
return
}
func ReadDocIAL(data []byte) (ret map[string]string) {
ret = map[string]string{}
val := jsoniter.Get(data, "Properties")
if nil == val || val.ValueType() == jsoniter.InvalidValue {
return
}
val.ToVal(&ret)
return
}