Updated JS to prevent XSS using SSIDs

2025-12-22 14:40:05 +01:00 · 2017-07-21 15:03:46 +02:00
parent f3c9fefe33
commit 9fe9fa2459
5 changed files with 21 additions and 11 deletions
--- a/web_server/html/js/apscan.js
+++ b/web_server/html/js/apscan.js
@@ -50,7 +50,7 @@ function getResults() {
      if (res.aps[i].se == 1) tr += '<tr class="selected">';
      else tr += '<tr>';
      tr += '<td>' + res.aps[i].c + '</td>';
-      tr += '<td>' + res.aps[i].ss + '</td>';
+      tr += '<td>' + escapeHTML(res.aps[i].ss) + '</td>';
      tr += '<td>' + getEncryption(res.aps[i].e) + '</td>';
 	  //tr += '<td>' + res.aps[i].r + ' <meter value="' + res.aps[i].r + '" max="-30" min="-100" low="-80" high="-60" optimum="-50"></meter></td>';
 	  var _width = res.aps[i].r + 130;