rixty/SillyTavern
1
0
Fork 0
mirror of https://github.com/SillyTavern/SillyTavern.git synced 2025-06-05 21:59:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix security from upstream + console error messages

Browse Source
This commit is contained in:
SillyLossy
2023-03-19 20:23:18 +02:00
parent 379207a3d8
commit 006ffec1f9
8 changed files with 34 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
public/scripts/extensions.js
View File

@ -201,13 +201,13 @@ function addExtensionScript(name, manifest) {
function showExtensionsDetails() {
let html = '<h3>Modules provided by your Extensions API:</h3>';
html += modules.length ? modules.join(', ') : '<p class="failure">Not connected to the API!</p>';
html += modules.length ? DOMPurify.sanitize(modules.join(', ')) : '<p class="failure">Not connected to the API!</p>';
html += '<h3>Available extensions:</h3>';
Object.entries(manifests).sort((a, b) => a[1].loading_order - b[1].loading_order).forEach(extension => {
const name = extension[0];
const manifest = extension[1];
html += `<h4>${manifest.display_name}</h4>`;
html += `<h4>${DOMPurify.sanitize(manifest.display_name)}</h4>`;
if (activeExtensions.has(name)) {
html += `<p class="success">Extension is active. <a href="javascript:void" data-name="${name}" class="disable_extension">Disable</a></p>`;
}
@ -217,7 +217,7 @@ function showExtensionsDetails() {
else {
const requirements = new Set(manifest.requires);
modules.forEach(x => requirements.delete(x));
const requirementsString = [...requirements].join(', ');
const requirementsString = DOMPurify.sanitize([...requirements].join(', '));
html += `<p>Missing modules: <span class="failure">${requirementsString}</span></p>`
}
});