From 4952f972b40d09c65f7f51b4e9c6c9b9837b7298 Mon Sep 17 00:00:00 2001 From: Martin Rohrmeier Date: Mon, 16 Sep 2024 10:36:28 +0200 Subject: [PATCH] fix(login): escape quotes in names (#171) --- .../catenax-central/login/resources/js/Main.js | 14 +++++++++++++- .../catenax-central/login/test.html | 2 +- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/import/keycloak-themes/catenax-central/login/resources/js/Main.js b/import/keycloak-themes/catenax-central/login/resources/js/Main.js index 93e7ad61..d9385d55 100644 --- a/import/keycloak-themes/catenax-central/login/resources/js/Main.js +++ b/import/keycloak-themes/catenax-central/login/resources/js/Main.js @@ -63,6 +63,14 @@ const addEvents = (node, evts) => { return node } +const escapeNames = (string) => string + .split('\n') + .map(line => line.match(/^\s+"name": "/) + ? `"name": "${line.trim().substring(9, line.trim().length - 2).replaceAll('"', "\\\"")}",` + : line + ) + .join('\n') + const getSelectedIDP = (providers) => { let idp try { @@ -270,7 +278,11 @@ window.onload = () => { document.head.appendChild(icon) } icon.href = 'data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAAAXNSR0IArs4c6QAABT1JREFUaEPlWT1MY0cQ/ubZkEhJ4TRJS9oIg9FhpFSBpDgp8SNcF0xxRkkPaS8Fpri0QJ8I7iTs64AzKZNAFQkjYWyU9qBMmoCUSLnEZqJ9frbfz+6+fTa6QLKlPW9nvtnZ+WZmCQMu3kQKr2EFQAGECZrH+YBbxvqcYkkHhLmMaTA2AYw4fxFmaB4Hg+wZ99u+AXAJawCWfQrvAgA3ZH4EkAl5604AKGELwEPpUd8RAC+6MR9EcUcAsPKi/R8B7PyUGUkmmw+JaITZzWbAJZgOmi1r78H7NW1ajpWFeBsZEE5u4gSE4UNDrRVmFCJS567FrdVPpn6uyeSMAXAZK2AUtcoMQmjnJJNKNFsrFEzBUQTAtGxP1TfC1y7iQy5jxCWr6SgdILyrY+Lvjt7LsJXY8YRK5JZeASJs5SYbi77fdDvwNpZAjtdTBpquKK+Wq1RHVwDSn6CBEhBv2JNnXQKVhpBDVq9jDdHx2VPJWKQFhyN8S3j9mpKbAIeJz8RgqQzP2Nkzp2QJAdAyrVzhlSjkKI/d4N+Vo7ElEK/3baf6wwM725gJAejD+EMQCsG4b6fGlijyou9Nz8hDAjlOYPAcgA90wIeH6Z374/VffSfAJQhvLRl4THi9SHlH3rdcr5veGzBwRYSCPdnwnWDlKL0FUpQsQqNFs/a9eqULwC2NRZEWtU5BmAt5/SSTSjYdrwvvGS0C9v5OJgoPJmqXsg8qx+kaGOOy/wg0n8vWn3kB7ILxqVYzY5UWwlxQOU7PuanWJFs5XrdAxVy2rr0flePRdTDJI8LlBQcAP8UbSOL3CONDWUaQUlyvAzhsNhOFYIng8I3IKp6OrlIdKwIsur3QYvDXs9mzr9oASvgQwPcaABuU9zcvleroNBFtmpKSzutccsJOhF+K8r3MaA7gGT7DNcpKAC/xFi2iG6fPq+m1WKUA4dS6bhWC9Yyb9Xz3pj8AZXwOxjdSAIQ9mu9dzP3q2DKDRTtpuGjVztZDDOz1unej/gBs4zEIj6QWBS5upTp2YsSqeq+LuPb3067yVwAgrW5oOh4g3mgmksVgegxNMSQe+5cB0AVwXejUKV77pFOMWwWA8aQ5lFgOeb3dBImLalLMnVK+J2eehWLdAX8IqUoBJz2bNEG+Y/IT5X41vcuQkyuBvshl69+2eaBPAKpSwG2Cdgy93oHg4xqXJH9TpTpfKREXgPA6GMuzU41Q/R+zCRL2SctxbRkBIGHRRx/fq/8Q+wREg/JXa/hSWgq056TmJTRhD3+i4CVJgej5UbpA7XujXMPD9Ob98fofHQCPQHiskA6VEUE5FSlp9A/UBInQzWUbTtXbBqAvJWqUx4TMGFkpYEDPN9AEBVpKLsEWJ6dRvk55fBnI690CzMDoTqwP3gTJmnp+ireRxC8RhogmunNpxTDKPNaBG2qC6KKZtDJeruk1NCXnYULbhxp62i92Q00QCKfNRGI6SJReACIkRO6+qXUqxjK0gNBI0CTLeI3QtZ7Bpl49+48DS+H1zhb7x+kXJo2QSesZngsNFkoX7phF+U7mjlzEG4N+Kcrx4Efyydw2iiDn5THO2sBLFIOkFNxAtKIARUw/5E2QzBjldNoZpVsoRk4qAGleVyGPAmBxa0I1So8FoCPsFmZzIOdJVYxNUiCc4xo1WDiI+6waBcDONoxH/l0mjhMng8r+xwHQhZ2ttx/NDVes4zLcUyumPQHGE3uqEfXk5Nv/9gBQMG2U024HgECBFmV0gKXjiA8u6w8h9RTDVNMrPwH3lfKciLdksyNTwzty/wATsrFPLbsvywAAAABJRU5ErkJggg==' - const CX_PROVIDERS = JSON.parse([...document.getElementById('providers').childNodes].map(n => n.data).join('')).slice(0,-1) + const CX_PROVIDERS = JSON.parse( + escapeNames( + [...document.getElementById('providers').childNodes].map(n => n.data).join('') + ) + ).slice(0,-1) while (document.body.childNodes.length > 0) { document.body.removeChild(document.body.firstChild) } diff --git a/import/keycloak-themes/catenax-central/login/test.html b/import/keycloak-themes/catenax-central/login/test.html index 3b7d4f5a..c1652dea 100644 --- a/import/keycloak-themes/catenax-central/login/test.html +++ b/import/keycloak-themes/catenax-central/login/test.html @@ -118,7 +118,7 @@

"url": "/auth/realms/CX-Central/broker/idp7/login?client_id=Cl2-CX-Portal&tab_id=X44xL94zCV0&session_code=uGiU8qFSbjuV4cduHJGUp8NsO1LEUywY8KRY589N5Zw" }, { - "name": "Martins OWN", + "name": "Martin's "OWN" IdP 中國", "alias": "idp9", "provider": "oidc", "url": "/auth/realms/CX-Central/broker/idp9/login?client_id=Cl2-CX-Portal&tab_id=X44xL94zCV0&session_code=uGiU8qFSbjuV4cduHJGUp8NsO1LEUywY8KRY589N5Zw"