Replace insecure use of innerHTML, changed update URL

This commit is contained in:
and94x 2022-12-01 23:06:48 +01:00
parent 423a4669e3
commit 7c5229d315
3 changed files with 11 additions and 11 deletions

View File

@ -1,8 +1,4 @@
let translatableSpans = document.querySelectorAll('.i18n-target');
for (let t of translatableSpans) {
t.innerHTML = getMessage(t.attributes['data-id'].value);
}
function getMessage(id){
return chrome.i18n.getMessage(id);
t.innerText = chrome.i18n.getMessage(t.attributes['data-id'].value);
}

View File

@ -32,7 +32,7 @@ function validateAndSave() {
console.log('Failed to save settings - form validation was not successful.')
saveButton.classList.replace('btn-primary', 'btn-danger');
saveButton.classList.replace('btn-success', 'btn-danger');
saveButton.textContent = getMessage('settingsSaveButtonCaptionFailure');
saveButton.textContent = chrome.i18n.getMessage('settingsSaveButtonCaptionFailure');
}
}
@ -46,7 +46,7 @@ function save() {
// Update form controls to let user know options were saved.
saveButton.classList.replace('btn-primary', 'btn-success');
saveButton.classList.replace('btn-danger', 'btn-success');
saveButton.textContent = getMessage('settingsSaveButtonCaptionSuccess');
saveButton.textContent = chrome.i18n.getMessage('settingsSaveButtonCaptionSuccess');
});
} else {
console.error('Unsupported browser or no access to localStorage')
@ -58,8 +58,8 @@ function save() {
function load(){
if (chrome && chrome.storage && chrome.storage.local) {
chrome.storage.local.get({
baseURL: getMessage("settingsFormInputRequired"),
wssURL: getMessage("settingsFormInputRequired")
baseURL: chrome.i18n.getMessage("settingsFormInputRequired"),
wssURL: chrome.i18n.getMessage("settingsFormInputRequired")
}, function (items) {
stammTVBaseUrl.value = items.baseURL;
stammTVWSSUrl.value = items.wssURL;
@ -70,7 +70,6 @@ function load(){
}
function autofillWSSURL() {
console.log('here am i');
if (stammTVBaseUrl.value.startsWith('http')) {
let predictedWSSURL = stammTVBaseUrl.value.replace('https', 'wss').replace('http', 'wss');
if (predictedWSSURL.endsWith('/')) {

View File

@ -1,11 +1,16 @@
{
"manifest_version": 2,
"name": "StammTV Helper",
"version": "1.5",
"version": "2.0.1",
"browser_action": {
"default_title": "StammTV Context-Menu",
"default_popup": "popup/popup.html"
},
"browser_specific_settings": {
"gecko": {
"update_url": "https://stammtv.m-it.biz/firefox/updates.json"
}
},
"default_locale": "en",
"description": "Adds a context-menu option to send URLs to your instance of StammTV",
"icons": {