Skip to content

Instantly share code, notes, and snippets.

@ramchiranjeevi

ramchiranjeevi/application.controller.js

Created October 23, 2015 08:55
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save ramchiranjeevi/d93ecfcca692921b101d to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save ramchiranjeevi/d93ecfcca692921b101d to your computer and use it in GitHub Desktop.
Download ZIP
OutPut Encoding demo
Raw
application.controller.js
import Ember from 'ember';
export default Ember.Controller.extend({
res_name:'<img src=x onerror=alert(1)>',
enc_res_name: '&lt;img src&#x3d;x onerror&#x3d;alert&#x28;1&#x29;&gt; test asdf as dfasd fasd fad fasd fa dsf', enc_attr_res_name:'&lt;img&#x20;src&#x3d;x&#x20;onerror&#x3d;alert&#x28;1&#x29;&gt;&#x20;test&#x20;asdf&#x20;as&#x20;dfasd&#x20;fasd&#x20;fad&#x20;fasd&#x20;fa&#x20;dsf',
enc_url_res_name:'%3Cimg+src%3Dx+onerror%3Dalert%281%29%3E+test+asdf+as+dfasd+fasd+fad+fasd+fa+dsf',
image_over: '<img onmouseover=“alert(‘haii’)"/>'
});
Raw
application.template.hbs
<h1 title="{{res_name}}">Welcome to {{res_name}}</h1>
<h1 title="{{{res_name}}}">Welcome to {{{res_name}}}</h1>
<h1 title="{{enc_res_name}}">Welcome to {{enc_res_name}}
</h1>
<h1 title="{{enc_attr_res_name}}">Welcome to {{enc_attr_res_name}}
</h1>
<h1 title="{{enc_url_res_name}}">Welcome to {{enc_url_res_name}}
</h1>
<h1 title="{{image_over}}">Welcome to {{{image_over}}}
</h1>
<br>
<br>
{{outlet}}
<br>
<br>
Raw
twiddle.json
{
"version": "0.4.13",
"dependencies": {
"jquery": "https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.js",
"ember": "https://cdnjs.cloudflare.com/ajax/libs/ember.js/1.11.3/ember.debug.js",
"ember-template-compiler": "https://cdnjs.cloudflare.com/ajax/libs/ember.js/1.11.3/ember-template-compiler.js"
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment