
Commit 4a23501

committed
Fix XSS issue
1 parent ebf1a24 commit 4a23501


2 files changed

+43
-23
lines changed


js/index.js

+38-17
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

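--- a/src/Main.purs
+++ b/src/Main.purs
@@ -5,8 +5,7 @@ import Prelude
 import Control.Monad.Cont.Trans (ContT(..), runContT)
 import Control.Monad.Eff (Eff)
 import Control.Monad.Eff.Console (CONSOLE, error)
-import Control.Monad.Eff.JQuery (JQuery, addClass, append, appendText, attr, create, hide, on, ready, select, setProp, setValue) as JQuery
-import Control.Monad.Eff.JQuery (setAttr)
+import Control.Monad.Eff.JQuery (JQuery, addClass, append, setText, setAttr, attr, create, hide, on, ready, select, setProp, setValue) as JQuery
 import Control.Monad.Eff.JQuery.Extras (empty, fadeIn, fadeOut, filter, getValueMaybe, is) as JQuery
 import Control.Monad.Eff.Random (RANDOM)
 import Control.Monad.Eff.Timer (TIMER, setTimeout)
@@ -53,12 +52,12 @@ displayErrors errs = do
 forWithIndex_ errs \i (CompilerError{ message }) -> do
 h1 <- JQuery.create "<h1>"
 JQuery.addClass "error-banner" h1
-JQuery.appendText ("Error " <> show (i + 1) <> " of " <> show (Array.length errs)) h1
+JQuery.setText ("Error " <> show (i + 1) <> " of " <> show (Array.length errs)) h1
 
 pre <- JQuery.create "<pre>"
 code_ <- JQuery.create "<code>"
 JQuery.append code_ pre
-JQuery.appendText message code_
+JQuery.setText message code_
 
 JQuery.append h1 column2
 JQuery.append pre column2
@@ -74,7 +73,7 @@ displayPlainText s = do
 pre <- JQuery.create "<pre>"
 code_ <- JQuery.create "<code>"
 JQuery.append code_ pre
-JQuery.appendText s code_
+JQuery.setText s code_
 JQuery.append pre column2
 
 isShowJsChecked :: forall eff. Eff (dom :: DOM | eff) Boolean
@@ -87,7 +86,7 @@ isAutoCompileChecked = JQuery.select "#auto_compile" >>= \jq -> JQuery.is jq ":c
 changeViewMode :: forall eff. Maybe String -> Eff (dom :: DOM | eff) Unit
 changeViewMode viewMode =
 for_ viewMode \viewMode_ ->
-JQuery.select "#editor_view" >>= setAttr "data-view-mode" viewMode_
+JQuery.select "#editor_view" >>= JQuery.setAttr "data-view-mode" viewMode_
 
 getTextAreaContent :: forall eff. Eff (dom :: DOM | eff) String
 getTextAreaContent = fold <$> (JQuery.select "#code_textarea" >>= JQuery.getValueMaybe)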
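Review bot: The two `JQuery.setText` calls that render `message` in displayErrors and `s` in displayPlainText carry no comment saying why `setText` is required, so a later edit could swap back to an HTML-interpreting call without anyone noticing the regression. Judging from the commit title, `appendText` presumably passed the string through jQuery's HTML-parsing append path, whereas `setText` writes a text node; both strings look like compiler or program output derived from user-supplied code, though their origin lies outside the hunks. I would add above each call something like `-- untrusted output: must be inserted as text (setText), never as markup`. Dropping `appendText` from the import list is a useful guard for this module, since any leftover `JQuery.appendText` here would no longer compile. The bodies of displayErrors and displayPlainText extend beyond the visible hunks, and js/index.js is not rendered, so whether the rebuilt bundle matches this source cannot be checked from this page.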
