From 8ff97dd109ee31dbc1fb6477c7de6fc2fb9cafc8 Mon Sep 17 00:00:00 2001
From: Ye Wang
Date: Tue, 12 May 2015 20:37:50 -0400
Subject: [PATCH] security patch

---
player/js/player.js | 9 ++-------
player/js/sgf.js | 12 ++++++++++--
2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/player/js/player.js b/player/js/player.js
index 436bbe5..57109ed 100644
--- a/player/js/player.js
+++ b/player/js/player.js
@@ -506,11 +506,6 @@ eidogo.Player.prototype = {
 me.load(this.root, target);
 completeFn && completeFn();
 });
- } else if (data.charAt(0) == '{') {
- // JSON
- data = eval("(" + data + ")");
- this.load(data, target);
- completeFn && completeFn();
 } else {
 this.croak(t['invalid data']);
 }
@@ -972,7 +967,7 @@ eidogo.Player.prototype = {
 contBranch.C = moveNum > 1 ? "" + t['show games'] + "" : "";
 var cont,
- conts = eval('(' + req.responseText + ')');
+ conts = JSON.parse(req.responseText);
 if (conts.length) {
 conts.sort(function(a, b) { return parseInt(b.count, 10) - parseInt(a.count, 10); });
 var highCount = parseInt(conts[0].count, 10);
@@ -1474,7 +1469,7 @@ eidogo.Player.prototype = {
 this.dom.searchCount.innerHTML = "No";
 return;
 }
- var ret = eval("(" + req.responseText + ")");
+ var ret = JSON.parse(req.responseText);
 var results = ret.results,
 result,
 html = "",
diff --git a/player/js/sgf.js b/player/js/sgf.js
index b630f3c..a5d4a48 100644
--- a/player/js/sgf.js
+++ b/player/js/sgf.js
@@ -74,7 +74,15 @@ eidogo.SgfParser.prototype = {
 this.index++;
 }
 }
- values[i] += this.curChar();
+ if (this.curChar() === '<') {
+ values[i] += '<';
+ } else if (this.curChar() === '>') {
+ values[i] += '>';
+ } else if (this.curChar() === '&') {
+ values[i] += '&';
+ } else {
+ values[i] += this.curChar();
+ }
 this.index++;
 }
 i++;
@@ -105,4 +113,4 @@ eidogo.SgfParser.prototype = {
 curChar: function() {
 return this.sgf.charAt(this.index);
 }
-};
\ No newline at end of file
+};
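Review bot: Removing the whole `data.charAt(0) == '{'` branch in the first player.js hunk drops support for game data supplied as JSON instead of neutralising the `eval`; any caller that passes such data now falls through to `this.croak(t['invalid data'])`. The other two player.js hunks keep their feature by swapping `eval` for `JSON.parse`, and the same is possible here: `} else if (data.charAt(0) == '{') {` / `try { this.load(JSON.parse(data), target); completeFn && completeFn(); }` / `catch (e) { this.croak(t['invalid data']); }`. If JSON input is intentionally no longer accepted, a one-line comment at the removed branch saying so would stop a later maintainer from restoring the `eval` form. The enclosing function starts and ends outside the hunk.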
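Review bot: `conts = JSON.parse(req.responseText)` in the `@@ -972` hunk throws a SyntaxError when the server answers with an empty body or an HTML error page, and nothing in the hunk catches it, so unless a caller does, the request callback dies before reaching the player's own `this.croak` error path; the same applies to `var ret = JSON.parse(req.responseText);` in the `@@ -1474` hunk. Wrapping the parse keeps the failure visible to the user: `try { conts = JSON.parse(req.responseText); }` / `catch (e) { this.croak(t['invalid data']); return; }`. The following `conts.length` and `conts[0].count` also assume the parsed value is a non-empty array, which a syntactically valid but differently shaped response would not satisfy; `if (Array.isArray(conts) && conts.length) {` covers that. The enclosing function starts and ends outside the hunk.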
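Review bot: As printed, each of the three new branches in the sgf.js hunk appends exactly the character it just tested for (`'<'` when `this.curChar() === '<'`, and so on), which makes them no-ops; presumably the literals were the entities `'&lt;'`, `'&gt;'` and `'&amp;'` and were decoded when the patch was rendered, so this should be confirmed against the actual commit. If entity escaping is the intent, doing it inside the SGF parser changes the stored property values themselves, so any later re-serialisation or text comparison of the SGF sees the escaped form, and `"` is still passed through unchanged; escaping at the point where a value is written into the DOM (the `innerHTML` assignments visible in the player.js hunks are such sinks) would keep the parser faithful to its input. Within the hunk, `this.curChar()` is re-evaluated up to four times per character; a local plus a lookup makes the intent explicit: `var ch = this.curChar();` / `var escaped = { '<': '&lt;', '>': '&gt;', '&': '&amp;' };` / `values[i] += Object.prototype.hasOwnProperty.call(escaped, ch) ? escaped[ch] : ch;`. The enclosing loop and function start outside the hunk.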