Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ellipsis at risk of xss #6572

Open
Yangholmes opened this issue Mar 12, 2024 · 1 comment
Open

Ellipsis at risk of xss #6572

Yangholmes opened this issue Mar 12, 2024 · 1 comment
Labels
bug

Comments

@Yangholmes
Copy link

Yangholmes commented Mar 12, 2024
edited

Version of antd-mobile

5.34.0

Operating system and its version

Others

Browser and its version

Chromium 122.0.6261.94

Sandbox to reproduce

https://codesandbox.io/p/sandbox/trusting-bose-xz3y3k

What happened?

如果给 Ellipsis content prop 提供一个带有 html 标签的超长字符串,那么将会发生 xss 注入,而且会导致字符串长度计算错误。

发生注入的位置应该是

ant-design-mobile/src/components/ellipsis/ellipsis.tsx

Lines 119 to 124 in 1d0fc6f

const middle = Math.round((left + right) / 2)
if (props.direction === 'end') {
container.innerHTML = getSubString(0, middle) + '...' + actionText
} else {
container.innerHTML = actionText + '...' + getSubString(middle, end)
}

ant-design-mobile/src/components/ellipsis/ellipsis.tsx

Lines 156 to 161 in 1d0fc6f

container.innerHTML =
getSubString(0, leftPartMiddle) +
'...' +
actionText +
'...' +
getSubString(rightPartMiddle, end)

如果确认是这里发生注入,我可以尝试将我的补丁提一个 PR 修复。

Relevant log output

No response
@Yangholmes Yangholmes added the bug label Mar 12, 2024
@afc163
Copy link
Member

afc163 commented May 14, 2024

欢迎 PR

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@afc163 @Yangholmes