Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
return (
<>
{this.renderAction()}
{dayjs(createdAt).format('MMM D, h:mm A')}
{content && (
{messages && messages.length}
)}
);
}
const pickProps = (data) => {
data.name = xss(data.name)
data.price = xss(data.price)
data.image = xss(data.image)
data.from = xss(data.from)
data.urllink = xss(data.urllink)
return pick(data, ['name', 'price', 'image', 'from', 'urllink'])
}
const stripTags = content => {
const insertToDom = new DOMParser().parseFromString(content, 'text/html');
insertToDom.body.textContent.replace(/(<([^>]+)>)/gi, '') || '';
const string = xss(insertToDom.body.textContent, {
whitelist: [],
stripIgnoreTag: true,
stripIgnoreTagBody: '*'
});
return string;
};
var route = function(req, res, next) {
var filePath = req.originalUrl.replace('/abe/editor', '')
if (filePath === '' || filePath === '/') {
filePath = null
}
if (
filePath != null &&
path.extname(filePath) != `.${config.files.templates.extension}` &&
path.extname(filePath) != '.json'
) {
next()
return
}
if (filePath != null) {
var testXSS = xss(filePath, {
whiteList: [],
stripIgnoreTag: true
})
if (testXSS !== filePath) {
filePath = testXSS
}
}
abeExtend.hooks.instance.trigger('beforeRoute', req, res, next)
if (typeof res._header !== 'undefined' && res._header !== null) return
var isHome = true
var jsonPath = null
var template = null
var fileName = null
var folderPath = null
export function editEvent(id, event) {
event.updated = new Date();
event.text = xss(event.text);
return connect()
.then(conn => {
return r
.table('pulses')
.get(id).update(event).run(conn)
.then(() => event);
});
}
renderContent(content: string, type: string) {
if (!type.includes('conversation')) {
return <b> {content}</b>;
}
return (
<div>
<content>
</content></div>
);
}
function scriptToString(script: Object): string {
let string = '';
for (let member in script) {
switch (typeof script[member]) {
case 'function':
if (member === 'data') {
const dataObj = xss(JSON.stringify(script[member]()));
string += `${member}: function(){return ${dataObj}},`;
} else {
string += member + ': ' + String(script[member]) + ',';
}
break;
case 'object':
if (member === 'data') {
string += member + ': ' + xss(JSON.stringify(script[member])) + ',';
} else if (script[member].constructor === Array) {
string += member + ': ' + xss(JSON.stringify(script[member])) + ',';
} else {
string += member + ': ' + scriptToString(script[member]) + ',';
}
break;
default:
string += member + ': ' + JSON.stringify(script[member]) + ',';
renderContent(hasAttachment: boolean) {
const { message, renderContent } = this.props;
if (renderContent) {
return renderContent();
}
return (
<>
<span>
{this.renderAttachment(hasAttachment)}
);
}
</span>
t:xss(video.tags[i], {
whiteList: [],
stripIgnoreTag: true,
stripIgnoreTagBody: ['script']
}),
vt: 1
})
}
newVideo.tags = xssTags
}
if (newVideo.json.tags && !newVideo.tags) {
var xssTags = []
for (let i = 0; i < newVideo.json.tags.length; i++) {
xssTags.push({
t: xss(newVideo.json.tags[i], {
whiteList: [],
stripIgnoreTag: true,
stripIgnoreTagBody: ['script']
}),
vt: 1
})
}
newVideo.tags = xssTags
}
if (Session.get('scot') && !isComment) {
var hasTheTag = false
if (newVideo.tags)
for (let i = 0; i < newVideo.tags.length; i++) {
if (newVideo.tags[i].t === Session.get('scot').tag) {
hasTheTag = true