fix possible xss exploit with innerHTML

2024-11-21 06:09:51 +01:00 · 2021-07-01 20:54:10 +02:00 · 2021-07-01 20:54:10 +02:00 · 3b983f12ce
commit 3b983f12ce
parent c53c789122
1 changed files with 6 additions and 6 deletions
--- a/src/client/assets/js/index.js
+++ b/src/client/assets/js/index.js
@ -21,9 +21,9 @@ document.body.onload = () => {
    minMem.max = totalMem
    maxMem.max = totalMem
    minMem.value = localStorage.getItem("minMem") != null ? localStorage.getItem("minMem") : 1024 
-    outputMinMem.innerHTML = minMem.value
+    outputMinMem.textContent = minMem.value
    maxMem.value = localStorage.getItem("maxMem") != null ? localStorage.getItem("maxMem") : 2048
-    outputMaxMem.innerHTML = maxMem.value
+    outputMaxMem.textContent = maxMem.value
    demandModsInformations()
 }

@ -134,10 +134,10 @@ disconnectBtn.addEventListener('click', e => {
    ipcRenderer.send('disconnect')
 })

-minMem.addEventListener("input", (e) => {
-    outputMinMem.innerHTML = e.target.value
+minMem.addEventListener("input", e => {
+    outputMinMem.textContent = e.target.value
 })

-maxMem.addEventListener("input", (e) => {
-    outputMaxMem.innerHTML = e.target.value
+maxMem.addEventListener("input", e => {
+    outputMaxMem.textContent = e.target.value
 })