kenmirrors/firefly-iii
1
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-10-25 05:03:13 +00:00
Code Issues Projects Releases Wiki Activity

Escape input, fixes #3990

Browse Source
This commit is contained in:
James Cole
2020-10-25 06:36:33 +01:00
parent cf3d9d26fa
commit f6ce49b586
5 changed files with 54 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
resources/assets/js/components/transactions/AccountSelect.vue
View File

@@ -135,7 +135,17 @@ export default {
aSyncFunction: function (query, done) {
axios.get(this.accountAutoCompleteURI + query)
.then(res => {
done(res.data);
// loop over data
let escapedData = [];
let current;
for (const key in res.data) {
if (res.data.hasOwnProperty(key) && /^0$|^[1-9]\d*$/.test(key) && key <= 4294967294) {
current = res.data[key];
current.description = this.escapeHtml(res.data[key].description)
escapedData.push(current);
}
}
done(escapedData);
})
.catch(err => {
// any error handler