Skip to content

Commit

Permalink
fix: reflected XSS vulnerability plist api
Browse files Browse the repository at this point in the history
  • Loading branch information
xhofe committed Nov 24, 2023
1 parent 34746e9 commit 6100647
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions server/handles/helper.go
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,8 @@ func Plist(c *gin.Context) {
}
fullName := c.Param("name")
Url := link.String()
Url = strings.ReplaceAll(Url, "<", "[")
Url = strings.ReplaceAll(Url, ">", "]")
nameEncode := linkNameSplit[1]
fullName, err = url.PathUnescape(nameEncode)
if err != nil {
Expand Down

0 comments on commit 6100647

Please sign in to comment.