Open boosty opened 9 years ago
Currently the live stream and the error list views don't escape html specials chars (such as < > &) in the log excerpt correctly.
< > &
Example log line:
Riak client error: #<SocketError: Unexpected EOF on PBC socket> for #<Riak::Client::Beefcake>
The live stream does not seem to escape it at all (which could cause XSS):
Riak client error: # for #
The error list view seems to double-escape it:
Riak client error: #<SocketError: Unexpected EOF on PBC socket> for #<Riak::Client::Beefcake>
Currently the live stream and the error list views don't escape html specials chars (such as
< > &) in the log excerpt correctly.Example log line:
The live stream does not seem to escape it at all (which could cause XSS):
The error list view seems to double-escape it: