aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorkaotisk <kaotisk@arching-kaos.org>2024-06-04 03:54:18 +0300
committerkaotisk <kaotisk@arching-kaos.org>2024-06-04 03:54:18 +0300
commit9f8e07ff3fc7dc361e8d760f8f4535645ac056e6 (patch)
tree9328333b940f2f788db090dfd3791bb968aa2852
parentd26ef04bcccc9917b7524548a27cfa189d65d5d0 (diff)
downloadarching-kaos-tools-9f8e07ff3fc7dc361e8d760f8f4535645ac056e6.tar.gz
arching-kaos-tools-9f8e07ff3fc7dc361e8d760f8f4535645ac056e6.tar.bz2
arching-kaos-tools-9f8e07ff3fc7dc361e8d760f8f4535645ac056e6.zip
XSS something
-rwxr-xr-xapi/index.js1
-rw-r--r--api/routes/getMrk/index.js2
-rw-r--r--api/routes/getTr/index.js2
3 files changed, 5 insertions, 0 deletions
diff --git a/api/index.js b/api/index.js
index 33f3402..cb84d25 100755
--- a/api/index.js
+++ b/api/index.js
@@ -77,6 +77,7 @@ app.use(session({
function genericaddtest(req,res){
console.table(req.body)
var myobj = req.body;
+ res.set('Content-Type', 'application/json');
res.send(myobj);
}
// POST data
diff --git a/api/routes/getMrk/index.js b/api/routes/getMrk/index.js
index 7e48e1d..097f1f0 100644
--- a/api/routes/getMrk/index.js
+++ b/api/routes/getMrk/index.js
@@ -11,6 +11,7 @@ const config = require("../../config");
*/
function fetchFmrk(mrk, res){
const command = spawn("cat",[config.workDir+"/fmrk/"+mrk]);
+ res.set('Content-Type', 'application/json');
command.stdout.on("data", data => {
});
@@ -44,6 +45,7 @@ function fetchFmrk(mrk, res){
};
module.exports = (req, res) => {
console.log(req.params)
+ res.set('Content-Type', 'application/json');
if ( (req.params.mrk) && req.params.mrk.length === 128 ){
regex= /[a-f0-9]{128}/;
if (regex.test(req.params.mrk)){
diff --git a/api/routes/getTr/index.js b/api/routes/getTr/index.js
index c3c058f..a7acb55 100644
--- a/api/routes/getTr/index.js
+++ b/api/routes/getTr/index.js
@@ -24,6 +24,7 @@ function fetchFtr(tr, res){
command.on("close", code => {
console.log(`child process exited with code ${code}`);
+ res.set('Content-Type', 'application/json');
if ( code === 0 ) {
const path = config.workDir+"/ftr/"+tr;
@@ -44,6 +45,7 @@ function fetchFtr(tr, res){
};
module.exports = (req, res) => {
console.log(req.params)
+ res.set('Content-Type', 'application/json');
if ( (req.params.tr) && req.params.tr.length === 128 ){
regex= /[a-f0-9]{128}/;
if (regex.test(req.params.tr)){