CodingPirates/blockly
1
0
Fork 0
mirror of https://github.com/google/blockly.git synced 2026-01-04 15:40:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix injection vulnerability in Block Factories.

Browse Source 
Fixes issue #756.
This commit is contained in:
Neil Fraser
2019-08-01 16:36:56 -07:00
committed by Neil Fraser
parent e77a9b7e81
commit ae24b544f3
4 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
demos/blockfactory/factory_utils.js
View File

@@ -902,9 +902,9 @@ FactoryUtils.defineAndGetBlockTypes = function(blockDefsString, format) {
FactoryUtils.injectCode = function(code, id) {
var pre = document.getElementById(id);
pre.textContent = code;
code = pre.textContent;
code = PR.prettyPrintOne(code, 'js');
pre.innerHTML = code;
// Remove the 'prettyprinted' class, so that Prettify will recalculate.
pre.className = pre.className.replace('prettyprinted', '');
PR.prettyPrint();
};
/**