Escape curl command to fix XSS vulnerability.

2016-01-12 23:31:59 -06:00
parent 3abf8d2c0d
commit 331d2be070
3 changed files with 13 additions and 13 deletions
--- a/dist/swagger-ui.js
+++ b/dist/swagger-ui.js
@@ -25926,7 +25926,7 @@ SwaggerUi.Views.OperationView = Backbone.View.extend({
    // adds curl output
    var curlCommand = this.model.asCurl(this.map, {responseContentType: contentType});
    curlCommand = curlCommand.replace('!', '&#33;');
-    $( 'div.curl', $(this.el)).html('<pre>' + curlCommand + '</pre>');
+    $( 'div.curl', $(this.el)).html('<pre>' + _.escape(curlCommand) + '</pre>');
    // only highlight the response if response is less than threshold, default state is highlight response
    var opts = this.options.swaggerOptions;
--- a/dist/swagger-ui.min.js
+++ b/dist/swagger-ui.min.js
--- a/src/main/javascript/view/OperationView.js
+++ b/src/main/javascript/view/OperationView.js
@@ -704,7 +704,7 @@ SwaggerUi.Views.OperationView = Backbone.View.extend({
    // adds curl output
    var curlCommand = this.model.asCurl(this.map, {responseContentType: contentType});
    curlCommand = curlCommand.replace('!', '&#33;');
-    $( 'div.curl', $(this.el)).html('<pre>' + curlCommand + '</pre>');
+    $( 'div.curl', $(this.el)).html('<pre>' + _.escape(curlCommand) + '</pre>');
    // only highlight the response if response is less than threshold, default state is highlight response
    var opts = this.options.swaggerOptions;