2. Algorithm
  3. security - How to fix "Client Potential XSSRuta"? - Stack Overflow

security - How to fix "Client Potential XSSRuta"? - Stack Overflow

admin2025-04-09  1

I’m working on an AngularJS project, and after running a security scan with Checkmarx, I’ve encountered the following XSS vulnerability:

"The in the application embeds untrusted data into the output generated with CxEscapedOutput, at line 3 of client/app/loans.module/features/loansDetail/loansDetailPrepayments/loansDetailPrepayments.html. This untrusted data is directly embedded into the output without proper sanitization or encoding, allowing an attacker to inject malicious code into the output."

The issue appears in this file:

    <div class="loans-detail-prepayments" ng-class="{ 'cordova': $ctrl.isCordovaApp }">
      <p ng-repeat="data in $ctrl.loan.detail.prepayments">
        <span ng-bind-html="$ctrl.getTrustedHtml(data.text)"></span>
        <span ng-if="data.boldText" class="bold" ng-bind-html="$ctrl.getTrustedHtml(data.boldText)"></span>
        <span ng-if="data.text2" ng-bind-html="$ctrl.getTrustedHtml(data.text2)"></span>
        <span ng-if="data.boldText2" class="bold" ng-bind-html="$ctrl.getTrustedHtml(data.boldText2)"></span>
    
        <a ng-class="{bold: data.boldText}" ng-if="data.link" ui-sref="loans.{{ data.link }}">
          <span ng-bind-html="$ctrl.getTrustedHtml(data.textLink)"></span>
        </a>
        <a ng-class="{bold: data.boldText}" ng-if="data.mail" href="mailto:{{ data.mail }}" target="_blank">
          <span ng-bind-html="$ctrl.getTrustedHtml(data.textMail)"></span>
        </a>
        <span ng-if="data.text3" ng-bind-html="$ctrl.getTrustedHtml(data.text3)"></span>
      </p>
    </div>

I've tried to fix it with $sanitize, ng-bind-html, and getTrustedHtml, but none of these solutions worked.

I’m also attaching the controller file:

class LoansDetailPrepaymentsController {
  constructor($translate, $sce) {
    this.$translate = $translate;
    this.$sce = $sce;
  }

  unwrapTranslation(key) {
    return this.$translate.instant(key);
  }

  getTrustedHtml(html) {
    return this.$sce.trustAsHtml(html);
  }

  $onInit() {
    if (this.loan && this.loan.detail && this.loan.detail.prepayments) {
      this.loan.detail.prepayments = this.loan.detail.prepayments.map(prepayment => {
        return Object.assign({}, prepayment, {
          text: String(this.unwrapTranslation(prepayment.text) || ''),
          boldText: String(this.unwrapTranslation(prepayment.boldText) || ''),
          text2: String(this.unwrapTranslation(prepayment.text2) || ''),
          boldText2: String(this.unwrapTranslation(prepayment.boldText2) || ''),
          textLink: String(this.unwrapTranslation(prepayment.textLink) || ''),
          textMail: String(this.unwrapTranslation(prepayment.textMail) || ''),
          text3: String(this.unwrapTranslation(prepayment.text3) || ''),
        });
      });
    }
  }
}

LoansDetailPrepaymentsController.$inject = ['$translate', '$sce'];
export default LoansDetailPrepaymentsController;

Thank you in advance.

转载请注明原文地址:http://conceptsofalgorithm.com/Algorithm/1744203449a235910.html

securityHow to fix quotClient Potential XSSRutaquotStack Overflow

最新回复(0)