commit
466f08c846
16
testssl.sh
16
testssl.sh
|
@ -490,12 +490,12 @@ html_reserved(){
|
||||||
local output
|
local output
|
||||||
"$do_html" || return 0
|
"$do_html" || return 0
|
||||||
#sed -e 's/\&/\&/g' -e 's/</\</g' -e 's/>/\>/g' -e 's/"/\"/g' -e "s/'/\'/g" <<< "$1"
|
#sed -e 's/\&/\&/g' -e 's/</\</g' -e 's/>/\>/g' -e 's/"/\"/g' -e "s/'/\'/g" <<< "$1"
|
||||||
output="${1//\&/\&}"
|
output="${1//&/&}"
|
||||||
output="${output//</\<}"
|
output="${output//</<}"
|
||||||
output="${output//>/\>}"
|
output="${output//>/>}"
|
||||||
output="${output//\"/\"}"
|
output="${output//\"/"}"
|
||||||
output="${output//\'/\'}"
|
output="${output//\'/'}"
|
||||||
tm_out "$output"
|
printf -- "%s" "$output"
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -510,8 +510,8 @@ safe_echo() { printf -- "%b" "${1//%/%%}"; }
|
||||||
tm_out() { printf -- "%b" "${1//%/%%}"; }
|
tm_out() { printf -- "%b" "${1//%/%%}"; }
|
||||||
tmln_out() { printf -- "%b" "${1//%/%%}\n"; }
|
tmln_out() { printf -- "%b" "${1//%/%%}\n"; }
|
||||||
|
|
||||||
out() { printf -- "%b" "${1//%/%%}"; html_out "$1"; }
|
out() { printf -- "%b" "${1//%/%%}"; html_out "$(html_reserved "$1")"; }
|
||||||
outln() { printf -- "%b" "${1//%/%%}\n"; html_out "$1\n"; }
|
outln() { printf -- "%b" "${1//%/%%}\n"; html_out "$(html_reserved "$1")\n"; }
|
||||||
|
|
||||||
#TODO: Still no shell injection safe but if just run it from the cmd line: that's fine
|
#TODO: Still no shell injection safe but if just run it from the cmd line: that's fine
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue