Skip to content

Commit

Permalink
Update server
Browse files Browse the repository at this point in the history
  • Loading branch information
@irsdl
irsdl authored Nov 2, 2020
1 parent 0c6a1a7 commit a319c5e
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -228,7 +228,7 @@ function timeIp(ip, gateway)
possibleIps = possibleIps.sort(function(a, b) { return sortIps[a] - sortIps[b] })
console.log("sorted", possibleIps)

div.innerHTML = !gateway || classC[ipclass].printed ? 'discovered ' + ip + ' in ' + diff + 'ms, possible internal ip' : '<b>discovered local subnet: ' + ip + ' responded with either RST or SYN</b>'
div.innerHTML = !gateway || classC[ipclass].printed ? 'discovered ' + htmlEncodeSpecial(ip) + ' in ' + diff + 'ms, possible internal ip' : '<b>discovered local subnet: ' + htmlEncodeSpecial(ip) + ' responded with either RST or SYN</b>'
classC[ipclass].printed = true

// ignore .0 and .255
Expand Down Expand Up @@ -319,7 +319,7 @@ var checkButton = function()

function log(msg)
{
document.getElementById('log').innerHTML = msg + '<br>' + document.getElementById('log').innerHTML
document.getElementById('log').innerHTML = htmlEncodeSpecial(msg) + '<br>' + document.getElementById('log').innerHTML
}

// called by get_size script tag upon load
Expand Down Expand Up @@ -626,7 +626,7 @@ console.log(url, str.length)
if (reuse) crashoverride.id = 'pintextarea'
crashoverride.setAttribute("value", str)
crashoverride.innerText=str
crashoverride.innerHTML=str
crashoverride.innerHTML=htmlEncodeSpecial(str)
gibson.appendChild(crashoverride)
acidburn.appendChild(gibson)

Expand Down Expand Up @@ -1023,6 +1023,11 @@ if (!String.prototype.padStart) {
};
}

// to fix DOM-based XSS issues - https://samy.pl/slipstream/server?localip=1.1.1.1<img src onerror%3dalert(1)>
function htmlEncodeSpecial(value) {
return value.replace(/</gi,'&lt;').replace(/>/gi,'&gt;').replace(/&lt;([a-zA-Z])&gt;/gi,'\<$1\>').replace(/&lt;\/([a-zA-Z])&gt;/gi,'</$1>');
}

start()
</script>
</body>
Expand Down

0 comments on commit a319c5e

Please sign in to comment.