blue
/
synapse-registration-bash
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

more xss protections because html a shit A SHIT

This commit is contained in:
Midov 2023-04-03 14:20:47 +02:00
parent 0ac577f398
commit 5db9926166
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
registerform.sh
View File

@ -5,6 +5,9 @@ sendcaptchashort() {
curl --silent -XPOST "$captchouliurl" -H "$HTTP_CONTENT_TYPE" -d "$1" > /dev/null curl --silent -XPOST "$captchouliurl" -H "$HTTP_CONTENT_TYPE" -d "$1" > /dev/null
} }
htmlspecialchars() {
echo "$1" | sed -e 's/&/,amp/g' -e 's/"/,quot/g' -e 's/</,lt/g' -e 's/>/,gt/g' | head -n 1
}
registrationpage() { registrationpage() {
echo "Content-type: text/html" echo "Content-type: text/html"
@ -48,7 +51,7 @@ registrationpage() {
# get post body from captchouli to check if its valid later # get post body from captchouli to check if its valid later
data=$(cat) data=$(cat)
id=$(echo "$data" | cut -d '=' -f 2 | cut -d '&' -f 1) id=$(htmlspecialchars $(echo "$data" | cut -d '=' -f 2 | cut -d '&' -f 1))
registrationpage registrationpage
# sends the captcha id to capthouli so it knows it was solved # sends the captcha id to capthouli so it knows it was solved