zadam/trilium
1
1
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-01-15 11:39:37 +08:00
Code Issues Projects Releases Packages Wiki Activity

fix sanitization of autocomplete against XSS

Browse source
This commit is contained in:
zadam 2023-03-17 22:04:49 +01:00
parent 5ad47d3866
commit 4c3fcc3ea6
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/services/search/services/search.js
View file

@ -307,7 +307,7 @@ function highlightSearchResults(searchResults, highlightedTokens) {
for (const result of searchResults) { for (const result of searchResults) {
const note = becca.notes[result.noteId]; const note = becca.notes[result.noteId];
result.highlightedNotePathTitle = result.notePathTitle.replace('/[<\{\}]/g', ''); result.highlightedNotePathTitle = result.notePathTitle.replace(/[<{}]/g, '');
if (highlightedTokens.find(token => note.type.includes(token))) { if (highlightedTokens.find(token => note.type.includes(token))) {
result.highlightedNotePathTitle += ` "type: ${note.type}'`; result.highlightedNotePathTitle += ` "type: ${note.type}'`;