joachim/FileRise
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

setAttribute + encodeURI to avoid “DOM text reinterpreted as HTML” alerts

Browse Source
This commit is contained in:
Ryan
2025-05-14 07:00:04 -04:00
committed by GitHub
parent 87368143b5
commit 1add160f5d
2 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
public/js/authModals.js
View File

@@ -349,6 +349,9 @@ export async function openUserPanel() {
if (!f) return;
// preview immediately
img.src = URL.createObjectURL(f);
const blobUrl = URL.createObjectURL(f);
// use setAttribute + encodeURI to avoid “DOM text reinterpreted as HTML” alerts
img.setAttribute('src', encodeURI(blobUrl));
// upload
const fd = new FormData();
fd.append('profile_picture', f);