ant-design / ant-design-mobile

Essential UI blocks for building mobile web apps.

Home Page:https://mobile.ant.design


Ellipsis at risk of xss

Yangholmes opened this issue · comments

Version of antd-mobile

5.34.0

Operating system and its version

Others

Browser and its version

Chromium 122.0.6261.94

Sandbox to reproduce

https://codesandbox.io/p/sandbox/trusting-bose-xz3y3k

What happened?

If the Ellipsis `content` prop is given a very long string that contains HTML tags, an XSS injection occurs, and the string length is also computed incorrectly.

The injection should be happening here:

```js
// First innerHTML assignment (single-sided truncation)
const middle = Math.round((left + right) / 2)
if (props.direction === 'end') {
  container.innerHTML = getSubString(0, middle) + '...' + actionText
} else {
  container.innerHTML = actionText + '...' + getSubString(middle, end)
}

// Second innerHTML assignment (middle truncation)
container.innerHTML =
  getSubString(0, leftPartMiddle) +
  '...' +
  actionText +
  '...' +
  getSubString(rightPartMiddle, end)
```

If it is confirmed that the injection happens here, I can try to submit my patch as a PR to fix it.

Relevant log output

No response

PRs welcome
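The pattern reported above, shown as an added example that is not ant-design-mobile code: a measurement string is assembled from substrings of untrusted `content` and assigned to `container.innerHTML`, so any markup inside `content` is parsed by the browser rather than measured as text. The hardened builder escapes each substring first, which both removes the injection and keeps the measured text identical to the input characters. The function names (`escapeHtml`, `buildMeasureMarkupUnsafe`, `buildMeasureMarkup`, `containsTag`) and the sample string are this example's own assumptions, not the library's API; `containsTag` is a crude stand-in for the browser's parser so the example runs offline in Node.

```javascript
// Added example, not ant-design-mobile code. Names and sample input are
// assumptions made for illustration only.

// Minimal escaping for text that will be placed into an HTML context.
function escapeHtml(str) {
  return String(str)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Mirrors the pattern from the issue: raw substrings of untrusted content
// are concatenated into a string destined for container.innerHTML.
function buildMeasureMarkupUnsafe(content, middle, actionText, direction) {
  const end = content.length;
  return direction === 'end'
    ? content.slice(0, middle) + '...' + actionText
    : actionText + '...' + content.slice(middle, end);
}

// Hardened variant: the untrusted substrings are escaped, so a tag inside
// `content` becomes literal text. actionText is left as the component
// supplies it; the issue does not treat it as untrusted.
function buildMeasureMarkup(content, middle, actionText, direction) {
  const end = content.length;
  const left = escapeHtml(content.slice(0, middle));
  const right = escapeHtml(content.slice(middle, end));
  return direction === 'end'
    ? left + '...' + actionText
    : actionText + '...' + right;
}

// Crude proxy for "would the HTML parser act on this?": does the markup still
// contain a literal tag? Only for illustrating the difference offline.
function containsTag(markup) {
  return /<[a-zA-Z!/][^>]*>/.test(markup);
}

// Constructed sample: a long string carrying an inline tag (harmless handler).
const sample =
  'Hello <img src=x onerror="console.log(1)"> world, this text is long enough to be truncated';

console.log('unsafe :', buildMeasureMarkupUnsafe(sample, 60, 'more', 'end'));
console.log('escaped:', buildMeasureMarkup(sample, 60, 'more', 'end'));
```

Note: `escapeHtml` keeps the character count of the visible text unchanged once rendered, which is what the measurement loop needs; assigning the pieces via `textContent` instead of `innerHTML` achieves the same result when `actionText` is plain text.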