Skip to content
This repository has been archived by the owner on Nov 21, 2019. It is now read-only.

devop/fix-xss-on-phishing-temp #2173

Merged
merged 10 commits into from
Dec 5, 2018
Merged

devop/fix-xss-on-phishing-temp #2173

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
10495f9
Check if valid url
gamalielhere Dec 3, 2018
4dc62a4
Update changelog
gamalielhere Dec 3, 2018
da60131
Add Meditel
gamalielhere Dec 3, 2018
faec72c
Update changelog
gamalielhere Dec 3, 2018
e07b1bf
Update HAV and nUSD tokens, Add TKLN, Update Havven Mintr contract, a…
gamalielhere Dec 5, 2018
f07ba2f
Merge branch 'mercury' of github.com:kvhnuke/etherwallet into devop/f…
gamalielhere Dec 5, 2018
0b8b52a
Merge branch 'mercury' of github.com:kvhnuke/etherwallet into devop/f…
gamalielhere Dec 5, 2018
df50f06
Update changelog
gamalielhere Dec 5, 2018
ec4747b
Merge branch 'mercury' of github.com:kvhnuke/etherwallet into devop/f…
gamalielhere Dec 5, 2018
c8161fd
Update changelog
gamalielhere Dec 5, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,12 @@
### New

- Fix url parsing in phishing redirect, Add Meditel(TEL) token, Update HAV and nUSD tokens, Add TKLN, Update Havven Mintr contract, add Paypite contract [#2173](https://github.com/kvhnuke/etherwallet/pull/2173)

### Release v3.27.0

### New

- Fix send null and browser check issues [#2165](https://github.com/kvhnuke/etherwallet/pull/2165)
- Fix send null and browser check issues [#2148](https://github.com/kvhnuke/etherwallet/pull/2148)
- Add PIT, SKE tokens, add HUM contract [#2165](https://github.com/kvhnuke/etherwallet/pull/2165)
- Add ZIX token [#2163](https://github.com/kvhnuke/etherwallet/pull/2163)
- Add CRO contract [#2160](https://github.com/kvhnuke/etherwallet/pull/2160)
Expand Down
22 changes: 14 additions & 8 deletions app/layouts/phishing.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,19 +6,25 @@ <h1>You've been redirected to safety!</h1>
</section>
<script>
(function() {
const regex = /[-a-zA-Z0-9@:%_\+.~#?&//=]{2,256}\.[a-z]{2,4}\b(\/[-a-zA-Z0-9@:%_\+.~#?&//=]*)?/gi;
const url = globalFuncs.stripTags(window.location.search.replace("?phishing-address=", ""));
const body = document.getElementById("phishingMsg");
const fragment = document.createDocumentFragment();
const newP1 = document.createElement("p");
const newP2 = document.createElement("p");
newP1.innerHTML = `</br></br></br></br></br>
The url ${url} has been flagged as a supicious site by the community.
`;
console.log(url, url.match(regex) !== null);
const body = document.getElementById("phishingMsg");
const fragment = document.createDocumentFragment();
const newP1 = document.createElement("p");
const newP2 = document.createElement("p");
url.match(regex) !== null ?
newP1.innerHTML = `</br></br></br></br></br>
The url ${url} has been flagged as a supicious site by the community.
` :
newP1.innerHTML = `</br></br></br></br></br>
Unparsable url found.
`;
newP2.textContent =`
Please refrain from going to this site for the mean time.`
fragment.appendChild(newP1);
fragment.appendChild(newP2);
body.appendChild(fragment);
body.appendChild(fragment);
})();
</script>
@@include( '../includes/footer.tpl', { "site": "mew" } )
Loading