piratebox-mirror
/
PirateBoxScripts_Webserver
mirror of https://github.com/PirateBox-Dev/PirateBoxScripts_Webserver.git
2
1
Fork 0
Code Issues Releases Wiki Activity

Possible fix for JS injection issue 

I believe the problem lies in this file. I’m unable to get my box to
update the file when I push it and I’m not sure why.

Please test and report back.
This commit is contained in:
David Brooks 2014-07-11 18:37:39 +09:00
parent b1382377b9
commit 3ef2526bcc
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
piratebox/piratebox/www/cgi-bin/psowrte.py
View File

@ -11,9 +11,11 @@ print "Content-type:text/html\r\n\r\n"
values = cgi.FieldStorage()
if values.has_key("name"):
name = values["name"].value
rawname = values["name"].value
else:
name = " "
rawname = " "
namepass = re.sub("<", "&lt;", rawname)
name = re.sub(">", "&gt;", namepass)
if values.has_key("data"):
rawdata = values["data"].value
else:
@ -23,7 +25,7 @@ data = re.sub(">", "&gt;", datapass)
color = values["color"].value
curdate = datetime.datetime.now()
process_form( name , rawdata , color )
process_form( rawname , rawdata , color )
print """<html><body>ok</body></html>"""