From b812e2cc44a67953b91d42ee63a0bc331e88dd1c Mon Sep 17 00:00:00 2001 From: Adri Valle Date: Mon, 21 Jan 2019 13:29:10 +0100 Subject: [PATCH 1/3] Escape not allowed characters --- .../wz-xml-file-editor/wz-xml-file-editor.js | 25 +++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/SplunkAppForWazuh/appserver/static/js/directives/wz-xml-file-editor/wz-xml-file-editor.js b/SplunkAppForWazuh/appserver/static/js/directives/wz-xml-file-editor/wz-xml-file-editor.js index caa66d361..89038eaa4 100644 --- a/SplunkAppForWazuh/appserver/static/js/directives/wz-xml-file-editor/wz-xml-file-editor.js +++ b/SplunkAppForWazuh/appserver/static/js/directives/wz-xml-file-editor/wz-xml-file-editor.js @@ -35,10 +35,31 @@ define([ }, controller($scope, $document, $notificationService, $groupHandler) { let firstTime = true + const parser = new DOMParser();// eslint-disable-line + + const replaceIllegarXML = (t) => { + const oDom = parser.parseFromString(t, 'text/html') + const lines = oDom.documentElement.textContent.split('\n') + lines.forEach(line => { + let replace = line + .replace(/&/g, '&') + .replace(//g, '\>') + .replace(/"/g, '\"') + .replace(/'/g, '\'') + if (replace != line) { + replace = replace.trim() + const regex = new RegExp(line.trim()) + t = t.replace(regex, replace) + } + }) + return t + } + const checkXmlParseError = () => { try { - const parser = new DOMParser() // eslint-disable-line - const xml = $scope.xmlCodeBox.getValue() + const text = $scope.xmlCodeBox.getValue() + const xml = replaceIllegarXML(text) const xmlDoc = parser.parseFromString( '' + xml + '', 'text/xml' From f6a5061a83b4452e6cdcbdf080ea00e2a28e7ffc Mon Sep 17 00:00:00 2001 From: Adri Valle Date: Tue, 22 Jan 2019 08:22:41 +0100 Subject: [PATCH 2/3] Fix checkXmlParseError --- .../wz-xml-file-editor/wz-xml-file-editor.js | 23 ++++++++++--------- 1 file changed, 12 insertions(+), 11 deletions(-) 
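Review bot: `new RegExp(line.trim())` in `replaceIllegarXML` compiles raw editor text as a pattern, so a line containing `(`, `[`, `*` or `?` either throws a SyntaxError or matches something other than itself. `t.replace(regex, replace)` also interprets `$&`/`$1` sequences in the replacement and only rewrites the first match. Because this is whatever the user typed into the XML editor, the substitution should be literal, e.g. `t = t.split(line.trim()).join(replace)` (2/3 in this series moves to that form), and `replace != line` should be `!==`. The helper is called inside the `try` of `checkXmlParseError`, whose `catch` lies outside this hunk, so a thrown SyntaxError would presumably be reported as an XML parse error rather than as a fault in the helper.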
diff --git a/SplunkAppForWazuh/appserver/static/js/directives/wz-xml-file-editor/wz-xml-file-editor.js b/SplunkAppForWazuh/appserver/static/js/directives/wz-xml-file-editor/wz-xml-file-editor.js index 89038eaa4..892aac3bd 100644 --- a/SplunkAppForWazuh/appserver/static/js/directives/wz-xml-file-editor/wz-xml-file-editor.js +++ b/SplunkAppForWazuh/appserver/static/js/directives/wz-xml-file-editor/wz-xml-file-editor.js @@ -34,26 +34,27 @@ define([ targetName: '=targetName' }, controller($scope, $document, $notificationService, $groupHandler) { + String.prototype.xmlReplace = function (str, newstr) { + return this.split(str).join(newstr) + } + let firstTime = true const parser = new DOMParser();// eslint-disable-line - const replaceIllegarXML = (t) => { - const oDom = parser.parseFromString(t, 'text/html') + const replaceIllegarXML = text => { + const oDom = parser.parseFromString(text, 'text/html') const lines = oDom.documentElement.textContent.split('\n') - lines.forEach(line => { - let replace = line + for (const line of lines) { + const sanitized = line + .trim() .replace(/&/g, '&') .replace(//g, '\>') .replace(/"/g, '\"') .replace(/'/g, '\'') - if (replace != line) { - replace = replace.trim() - const regex = new RegExp(line.trim()) - t = t.replace(regex, replace) - } - }) - return t + text = text.xmlReplace(line.trim(), sanitized) + } + return text } const checkXmlParseError = () => { From 70492c536c132bf29903a8180c3cce9cc579ce20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jes=C3=BAs=20=C3=81ngel?= Date: Wed, 23 Jan 2019 11:41:16 +0100 Subject: [PATCH 3/3] Update wz-xml-file-editor.js --- .../js/directives/wz-xml-file-editor/wz-xml-file-editor.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/SplunkAppForWazuh/appserver/static/js/directives/wz-xml-file-editor/wz-xml-file-editor.js b/SplunkAppForWazuh/appserver/static/js/directives/wz-xml-file-editor/wz-xml-file-editor.js index 892aac3bd..e7447fd95 100644 
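Review bot: Assigning `String.prototype.xmlReplace` inside the directive controller patches a shared built-in for every script on the page and repeats on each controller instantiation. A local helper does the same without the global side effect, e.g. `const replaceLiteral = (s, from, to) => s.split(from).join(to)` used as `text = replaceLiteral(text, line.trim(), sanitized)`. Separately, the split/join rewrites every occurrence of the trimmed line anywhere in `text`, so a short text line that also appears in a tag name, an attribute value or an already-escaped line is changed there too. A comment should state that the result is only for the validation parse (its only use in the visible lines of `checkXmlParseError`) and must not be saved back. Blank lines make `line.trim()` empty and turn the split/join into a per-character no-op, which `if (!line.trim()) continue` would skip; the controller body continues outside this hunk.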
--- a/SplunkAppForWazuh/appserver/static/js/directives/wz-xml-file-editor/wz-xml-file-editor.js +++ b/SplunkAppForWazuh/appserver/static/js/directives/wz-xml-file-editor/wz-xml-file-editor.js @@ -41,7 +41,7 @@ define([ let firstTime = true const parser = new DOMParser();// eslint-disable-line - const replaceIllegarXML = text => { + const replaceXML = text => { const oDom = parser.parseFromString(text, 'text/html') const lines = oDom.documentElement.textContent.split('\n') for (const line of lines) { @@ -60,7 +60,7 @@ define([ const checkXmlParseError = () => { try { const text = $scope.xmlCodeBox.getValue() - const xml = replaceIllegarXML(text) + const xml = replaceXML(text) const xmlDoc = parser.parseFromString( '' + xml + '', 'text/xml'