be-gay-do-crimes
/
NewPipeExtractor
mirror of https://github.com/TeamNewPipe/NewPipeExtractor
1
0
Fork 0
Code Issues Releases Wiki Activity

Fix for potential XSS attacks.

This commit is contained in:
Kavin 2022-12-31 20:05:32 +00:00
parent f45966d449
commit 01acf79436
No known key found for this signature in database
GPG Key ID: 49451E4482CC5BCD
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
extractor/src/main/java/org/schabi/newpipe/extractor/services/youtube/YoutubeParsingHelper.java
View File

@ -33,7 +33,7 @@ import com.grack.nanojson.JsonObject;
import com.grack.nanojson.JsonParser;
import com.grack.nanojson.JsonParserException;
import com.grack.nanojson.JsonWriter;
import org.jsoup.nodes.Entities;
import org.schabi.newpipe.extractor.MetaInfo;
import org.schabi.newpipe.extractor.downloader.Response;
import org.schabi.newpipe.extractor.exceptions.AccountTerminatedException;
@ -967,7 +967,7 @@ public final class YoutubeParsingHelper {
textBuilder.append("<s>");
}
textBuilder.append(text);
textBuilder.append(Entities.escape(text));
if (strikethrough) {
textBuilder.append("</s>");