luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

Manually patches handlebars JS to escape = to prevent XSS.

This commit is contained in:
James Phillips 2017-12-20 19:49:06 -08:00
parent bfce81d721
commit 3a311b7a18
No known key found for this signature in database
GPG Key ID: 77183E682AC5FC11
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ui/javascripts/libs/handlebars-1.3.0.min.js vendored
View File

@ -1,4 +1,4 @@
var Handlebars=function(){var y=function(){function l(h){this.string=h}l.prototype.toString=function(){return""+this.string};return l}(),v=function(l){function h(a){return b[a]||"&amp;"}var g={},b={"&":"&amp;","<":"&lt;",">":"&gt;",'"':"&quot;","'":"&#x27;","`":"&#x60;"},a=/[&<>"'`]/g,c=/[&<>"'`]/;g.extend=function(a,b){for(var k in b)Object.prototype.hasOwnProperty.call(b,k)&&(a[k]=b[k])};var d=Object.prototype.toString;g.toString=d;var e=function(a){return"function"===typeof a};e(/x/)&&(e=function(a){return"function"===
var Handlebars=function(){var y=function(){function l(h){this.string=h}l.prototype.toString=function(){return""+this.string};return l}(),v=function(l){function h(a){return b[a]||"&amp;"}var g={},b={"&":"&amp;","<":"&lt;",">":"&gt;",'"':"&quot;","'":"&#x27;","`":"&#x60;",'=':'&#x3D;'},a=/[&<>"'`=]/g,c=/[&<>"'`=]/;g.extend=function(a,b){for(var k in b)Object.prototype.hasOwnProperty.call(b,k)&&(a[k]=b[k])};var d=Object.prototype.toString;g.toString=d;var e=function(a){return"function"===typeof a};e(/x/)&&(e=function(a){return"function"===
typeof a&&"[object Function]"===d.call(a)});g.isFunction=e;var x=Array.isArray||function(a){return a&&"object"===typeof a?"[object Array]"===d.call(a):!1};g.isArray=x;g.escapeExpression=function(b){if(b instanceof l)return b.toString();if(!b&&0!==b)return"";b=""+b;return!c.test(b)?b:b.replace(a,h)};g.isEmpty=function(a){return!a&&0!==a?!0:x(a)&&0===a.length?!0:!1};return g}(y),p=function(){function l(g,b){var a;b&&b.firstLine&&(a=b.firstLine,g+=" - "+a+":"+b.firstColumn);for(var c=Error.prototype.constructor.call(this,
g),d=0;d<h.length;d++)this[h[d]]=c[h[d]];a&&(this.lineNumber=a,this.column=b.firstColumn)}var h="description fileName lineNumber message name number stack".split(" ");l.prototype=Error();return l}(),z=function(l,h){function g(a,k){this.helpers=a||{};this.partials=k||{};b(this)}function b(a){a.registerHelper("helperMissing",function(a){if(2!==arguments.length)throw new e("Missing helper: '"+a+"'");});a.registerHelper("blockHelperMissing",function(b,k){var c=k.inverse||function(){},n=k.fn;f(b)&&(b=
b.call(this));return!0===b?n(this):!1===b||null==b?c(this):x(b)?0<b.length?a.helpers.each(b,k):c(this):n(b)});a.registerHelper("each",function(a,b){var k=b.fn,c=b.inverse,e=0,t="",d;f(a)&&(a=a.call(this));b.data&&(d=n(b.data));if(a&&"object"===typeof a)if(x(a))for(var g=a.length;e<g;e++)d&&(d.index=e,d.first=0===e,d.last=e===a.length-1),t+=k(a[e],{data:d});else for(g in a)a.hasOwnProperty(g)&&(d&&(d.key=g,d.index=e,d.first=0===e),t+=k(a[g],{data:d}),e++);0===e&&(t=c(this));return t});a.registerHelper("if",