You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Expected behavior
It's secure for mentioned case and appropriate handled.
Screenshots
Errors (DevConsole):
Site view:
Site view for smaller size (pay attention to horizontal slider):
Desktop :
OS: Windows 10
Browser: Chrome (also applies to other browsers)
Version: 104
Additional context
Console:
search?q=test&&page=%3Cscript%3C/script%3E:6 **Uncaught SyntaxError**: Invalid or unexpected token (at search?q=test&&page=%3Cscript%3C/script%3E:6:15)
app.js:115 Loaded
app.js:115 **Uncaught TypeError**: Cannot read properties of undefined (reading 'split')
at u (app.js:115:1307)
at parcelRequire.QvaY.axios (app.js:115:1668)
at f (app.js:1:468)
at p (app.js:1:544)
at parcelRequire.ElCy../css/main.scss (app.js:117:41)
at f (app.js:1:468)
at parcelRequire.V4IP (app.js:1:771)
at app.js:1:1023
Describe the bug
Passing the appropriate parameter in
page=
can cause errors like SyntaxError and Uncaught TypeError.To Reproduce
Steps to reproduce the behavior:
(type for
page=
as parameter:<script></script>
)Expected behavior
It's secure for mentioned case and appropriate handled.
Screenshots
Errors (DevConsole):
Site view:
Site view for smaller size (pay attention to horizontal slider):
Desktop :
OS: Windows 10
Browser: Chrome (also applies to other browsers)
Version: 104
Additional context
Console:
Info displayed on the site:
"; window.requestQuery = "test"; window.localSettings = {"x-powered-by":true,"etag":"weak","env":"production","query parser":"extended","subdomain offset":2,"trust proxy":true,"views":"/app/views","jsonp callback name":"callback","view cache":true,"view engine":"pug","title":"Presearch","PRESEARCH_DOMAIN":"https://presearch.com","GATEWAY_ADDRESS":"eu-de-1.gateway.presearch.com","OLD_PRESEARCH_DOMAIN":"https://presearch.org","PRESEARCH_ACCOUNT_DOMAIN":"https://account.presearch.com","SEARCH_PROVIDERS_DOMAIN":"https://external.presearch.com","KEYWORDS_DOMAIN":"https://keywords.presearch.com","IMGCACHE_DOMAIN":"https://img.presearch.com","lang":"pl;q=0.8"}; window.PRESEARCH_DOMAIN = "https://presearch.com"; window.PRESEARCH_ACCOUNT_DOMAIN = "https://account.presearch.com"; window.OLD_PRESEARCH_DOMAIN = "https://presearch.org";
Best wishes,
The text was updated successfully, but these errors were encountered: