github-mirror/framework
2
0
Fork 0
mirror of https://github.com/flarum/framework.git synced 2025-02-01 02:23:00 +08:00
Code Issues Actions 12 Packages Projects Releases Wiki Activity

Fix encoding of page title. (#3768)

Browse Source
This commit is contained in:
Robert Korulczyk 2023-04-24 19:00:22 +02:00 committed by GitHub
parent accdfde6e1
commit fea31a8290
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
framework/core/js/src/common/Application.tsx
View File

@ -411,22 +411,12 @@ export default class Application {
pageNumber: 1,
};
let title =
const title =
onHomepage || !this.title
? extractText(app.translator.trans('core.lib.meta_titles.without_page_title', params))
: extractText(app.translator.trans('core.lib.meta_titles.with_page_title', params));
title = count + title;
// We pass the title through a DOMParser to allow HTML entities
// to be rendered correctly, while still preventing XSS attacks
// from user input by using a script-disabled environment.
// https://github.com/flarum/framework/issues/3514
// https://github.com/flarum/framework/pull/3684
const parser = new DOMParser();
const safeTitle = parser.parseFromString(title, 'text/html').body.innerHTML;
document.title = safeTitle;
document.title = count + title;
}
protected transformRequestOptions<ResponseType>(flarumOptions: FlarumRequestOptions<ResponseType>): InternalFlarumRequestOptions<ResponseType> {