fixed tag xss issue

2016-08-23 18:26:50 +03:00
parent 45ec53e81a
commit a1aea70f2c
12 changed files with 70 additions and 19 deletions
--- a/src/main/javascript/helpers/handlebars.js
+++ b/src/main/javascript/helpers/handlebars.js
@@ -11,7 +11,12 @@ var _sanitize = function(html) {

 var sanitize =function (html) {
    var _html;
-    if( _.isUndefined(html) || _.isNull(html) || _.isNumber(html))  {
+
+    if ( _.isUndefined(html) || _.isNull(html)) {
+        return new Handlebars.SafeString('');
+    }
+
+    if (_.isNumber(html))  {
        return new Handlebars.SafeString(html);
    }