Skip to content
Permalink
Browse files Browse the repository at this point in the history
Merge pull request #3313 from rhelmer/sanitize-window-location
better sanitize window location in error messages
  • Loading branch information
JohnMcLear committed Jan 31, 2018
2 parents 626e58c + 38b1e0a commit a03422b
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/static/js/pad_utils.js
Expand Up @@ -524,7 +524,7 @@ function setupGlobalExceptionHandler() {
$("#editorloadingbox").css("padding", "10px");
$("#editorloadingbox").css("padding-top", "45px");
$("#editorloadingbox").html("<div style='text-align:left;color:red;font-size:16px;'><b>An error occurred</b><br>The error was reported with the following id: '" + errorId + "'<br><br><span style='color:black;font-weight:bold;font-size:16px'>Please press and hold Ctrl and press F5 to reload this page, if the problem persists please send this error message to your webmaster: </span><div style='color:black;font-size:14px'>'"
+ "ErrorId: " + errorId + "<br>URL: " + window.location.href + "<br>UserAgent: " + userAgent + "<br>" + msg + " in " + url + " at line " + linenumber + "'</div></div>");
+ "ErrorId: " + errorId + "<br>URL: " + padutils.escapeHtml(window.location.href) + "<br>UserAgent: " + userAgent + "<br>" + msg + " in " + url + " at line " + linenumber + "'</div></div>");
}

//send javascript errors to the server
Expand Down

0 comments on commit a03422b

Please sign in to comment.