Open dsteb opened 11 years ago
The problem is in wrong usage of «String.replace». If there are several occurancies of identical characters in string, «String.replace» is replacing only first always. And the cycle goes forever.
«^1%» ^ replaces to %5E, but last % replaces first % to %25 again, and we gets %255E%, and it's forever %2525E% ... %252525E% ....
The solution is replace character at position: 446: »»» string = string.replace(string[i], escape(string[i])); 446: string = string.substring(0, i) + escape(string[i]) + string.substring(i + 1);
function xssPrevent(string, flag) goes in infinity loop if the text in input is something like «^1%». It's because of escaping in for loop:
master/jquery.fcbkcomplete.js:lines 441-448:
Javascripts hangs up and browser hangs up.