~jpgleeson/caint-redist

96c55d5731c1df552029beda6db2afc68e825c1c — jpgleeson 3 years ago 13fd5bc master
FIX: validation

Thanks to the person who sent me this to sanitize the html.
1 files changed, 6 insertions(+), 4 deletions(-)

M caint.js
M caint.js => caint.js +6 -4
@@ 1,5 1,5 @@
const uri = 'api/Comments';
const threadUri = 'api/Threads';
const uri = 'https://api.caint.casa/api/Comments';
const threadUri = 'https://api.caint.casa/api/Threads';

const threadHost = "TENANTNAMEHERE";
const threadPath = document.location.pathname;


@@ 103,6 103,8 @@ function _displayCount(itemCount) {
  document.getElementById('counter').innerText = `${itemCount} ${name}`;
}

var sanitizeHTML = function (str) { return str.replace(/[^\w. ]/gi, function (c) { return '&#' + c.charCodeAt(0) + ';'; }); }

function _displayThread(data) {
  const threadBody = document.getElementById('commentThread');
  threadBody.setAttribute('class', 'commentThread');


@@ 124,8 126,8 @@ function _displayThread(data) {
    commentName.setAttribute('class', 'commenterName');
    commentBody.setAttribute('class', 'commentBody');

    commentName.innerHTML = item.name;
    commentBody.innerHTML = item.body;
    commentName.innerHTML = sanitizeHTML(item.name);
    commentBody.innerHTML = sanitizeHTML(item.body);

    commentDiv.appendChild(commentName);
    commentDiv.appendChild(commentBody);