From eebe553275d17971a997f233a98fdbce7c358c56 Mon Sep 17 00:00:00 2001 From: Aymeric Bernard <aymeric.bernard@student.ecp.fr> Date: Tue, 29 May 2018 13:22:49 +0200 Subject: [PATCH] Use encodeURI to avoid attack in image url --- front/src/Row.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/front/src/Row.js b/front/src/Row.js index 3239a5c..5bdc9c6 100644 --- a/front/src/Row.js +++ b/front/src/Row.js @@ -17,14 +17,14 @@ const PureImageRow = ({ row }) => { : { height: 'calc(2 * var(--rowHeight))' }; return ( <div className="bloc image-bloc" style={style}> - <img src={row.image} alt="" /> + <img src={encodeURI(row.image)} alt="" /> </div> ); }; const TextAndImageRow = ({ row }) => ( <div className="bloc image-text-bloc"> - <img className="row-icon" src={row.image} alt="" /> + <img className="row-icon" src={encodeURI(row.image)} alt="" /> <div className="text-section">{row.text.map(element => <TextElement element={element} />)}</div> </div> ); -- GitLab