Potential fix for code scanning alert no. 15: DOM text reinterpreted as HTML

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
ElyPrism 2026-02-06 20:07:23 +08:00 committed by GitHub
parent 7772431cb7
commit 51a958936c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -319,10 +319,20 @@
else
micSourceNode.connect(recorderNode)
})
function escapeHtml(str) {
return String(str)
.replace(/&/g, '&amp;')
.replace(/</g, '&lt;')
.replace(/>/g, '&gt;')
.replace(/"/g, '&quot;')
.replace(/'/g, '&#39;')
.replace(/\//g, '&#x2F;');
}
file.addEventListener('change', event => {
file.files[0].arrayBuffer().then(
async buffer => {
logs.write(`[index] 文件 ${file.files[0].name} 已加载`)
const safeName = escapeHtml(file.files[0].name)
logs.write(`[index] 文件 ${safeName} 已加载`)
audio.src = window.URL.createObjectURL(new Blob([buffer]))
clip.disabled = false
})
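Review bot: The escaping is applied only at this one `logs.write` call, so the sink that the alert concerns stays as it was; `logs.write` is defined outside the hunk, but if it assigns its argument to `innerHTML`, any other caller that passes file- or user-derived text still needs the same treatment. Rendering the message as text inside `logs.write` (for example via `textContent`) would close this class of issue in one place, and would also avoid showing a literal `&amp;` in the log should the sink already be text-based. If the helper stays, it deserves a contract comment such as `// Encodes text for HTML element content and quoted attribute values only; not for URL, script or style contexts.` The `change` handler's closing lines fall outside the hunk.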