mirsal/capsul-flask
0
0
Fork 0
forked from 3wordchant/capsul-flask
Code Issues Pull Requests Projects Releases Wiki Activity

remove query string XSS from login token

Browse Source
This commit is contained in:
forest
2020-05-16 23:05:45 -05:00
parent e3a2e8eee4
commit 5c1a977a87
2 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
capsulflask/console.py
View File

@ -45,6 +45,8 @@ def double_check_capsul_address(id, ipv4):
def index():
vms = get_vms()
created = request.args.get('created')
# this is here to prevent xss
if not re.match(r"^(cvm|capsul)-[a-z0-9]{10}$", created):
created = '___________'