LBRYCommunity/lbry-desktop
1
0
Fork 0
Code Issues 596 Pull requests 6 Projects Releases 238 Packages Wiki Activity

Add escapeHtmlProperty on url params

Browse source
This commit is contained in:
Rafael 2022-01-31 15:29:43 -03:00 committed by Thomas Zarebczan
parent 1628d4901c
commit 3d4a4cd960
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
ui/util/web.js
View file

@ -13,16 +13,16 @@ function generateEmbedUrl(claimName, claimId, startTime, referralLink) {
let urlParams = new URLSearchParams(); let urlParams = new URLSearchParams();
if (startTime) { if (startTime) {
urlParams.append('t', startTime); urlParams.append('t', escapeHtmlProperty(startTime));
} }
if (referralLink) { if (referralLink) {
urlParams.append('r', referralLink); urlParams.append('r', escapeHtmlProperty(referralLink));
} }
const encodedUriName = encodeURIComponent(claimName).replace(/'/g, '%27').replace(/\(/g, '%28').replace(/\)/g, '%29'); const encodedUriName = encodeURIComponent(claimName).replace(/'/g, '%27').replace(/\(/g, '%28').replace(/\)/g, '%29');
const embedUrl = `${URL}/$/embed/${encodedUriName}/${claimId}`; const embedUrl = `${URL}/$/embed/${escapeHtmlProperty(encodedUriName)}/${escapeHtmlProperty(claimId)}`;
const embedUrlParams = urlParams.toString() ? `?${urlParams.toString()}` : ''; const embedUrlParams = urlParams.toString() ? `?${urlParams.toString()}` : '';
return `${embedUrl}${embedUrlParams}`; return `${embedUrl}${embedUrlParams}`;