Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-30 13:03:53 +01:00
Code Issues Projects Releases Wiki Activity

use swal titletext to avoid XSS (#884)

Browse Source
This commit is contained in:
Kyle Spearrin 2021-05-13 15:22:52 -04:00 committed by GitHub
parent 55b0118240
commit 0d5d8b671d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/services/electronPlatformUtils.service.ts
View File

@ -18,7 +18,7 @@ export class ElectronPlatformUtilsService extends BaseElectronPlatformUtilsServi
Promise<boolean> { Promise<boolean> {
const result = await Swal.fire({ const result = await Swal.fire({
heightAuto: false, heightAuto: false,
title: title, titleText: title,
input: 'password', input: 'password',
text: body, text: body,
confirmButtonText: this.i18nService.t('ok'), confirmButtonText: this.i18nService.t('ok'),

2
src/services/nativeMessaging.service.ts
View File

@ -53,7 +53,7 @@ export class NativeMessagingService {
// Await confirmation that fingerprint is correct // Await confirmation that fingerprint is correct
const submitted = await Swal.fire({ const submitted = await Swal.fire({
title: this.i18nService.t('verifyBrowserTitle'), titleText: this.i18nService.t('verifyBrowserTitle'),
html: `${this.i18nService.t('verifyBrowserDesc')}<br><br><strong>${fingerprint}</strong>`, html: `${this.i18nService.t('verifyBrowserDesc')}<br><br><strong>${fingerprint}</strong>`,
showCancelButton: true, showCancelButton: true,
cancelButtonText: this.i18nService.t('cancel'), cancelButtonText: this.i18nService.t('cancel'),