implemented sanitizing

js/9.9.9/createTemplate.js

@@ -1,6 +1,6 @@
 import {setNewTemplate, loadTemplate} from "./web.js";
-import { retrieveData } from "./storage.js";
 import { hideMenus, modalNotifier } from "./evts.js";
+import { sanitize } from "./scripts.js";
 
 function createTemplate(template = false) {
 
@@ -8,7 +8,6 @@ function createTemplate(template = false) {
     //set current page value in activeState object
     activeState.activePage = "createTemplate";
 
-  
     if (screen.width > 992) {
       document.getElementById("siteTitle").innerHTML = "Manage templates";
     } else {
@@ -145,7 +144,7 @@ function createTemplate(template = false) {
             case "Save":
                 let fileName;
                 let userFileNameField = document.getElementById("userFileName");
-                let userFileName = userFileNameField.value;
+                let userFileName = sanitize(userFileNameField.value);
                 let userFileNamePH = userFileNameField.getAttribute("placeholder");
                 if (userFileName.length != 0) {
                     fileName = userFileName;

js/9.9.9/form.js

@@ -251,11 +251,8 @@ function formEvts() {
   document.getElementById("sidebar").addEventListener("click", (e) => {
     if (e.target) {
       if (e.target.id == "sb-submit") {
-        if (screen.width < 993) {
-          showSidebar();
-        }
         parseFormOnSubmit();
-        focusOnField("output");
+        modalNotifier("File saved and copied to clipboard", 2);
       }
       if (e.target.id == "sb-item") {
         setTimeout(() => {

js/9.9.9/parseForm.js

@@ -1,3 +1,4 @@
+import { sanitize } from "./scripts.js";
 import { storeData, clearData, retrieveData } from "./storage.js";
 
 function parseFormOnSubmit(returnJSON = false, parseOnly = false) {
@@ -43,7 +44,7 @@ function parseFormOnSubmit(returnJSON = false, parseOnly = false) {
 
       //set filename to active state according to userFileName field from loadTemplate
       let userFileNameField = document.getElementById("userFileName");
-      let userFileName = userFileNameField.value;
+      let userFileName = sanitize(userFileNameField.value);
       let userFileNamePH = userFileNameField.getAttribute("placeholder");
       if (userFileName.length != 0) {
         activeState.fileName = userFileName;

js/9.9.9/scripts.js

@@ -47,7 +47,7 @@ export const passwordHash = {
 
 function setPassword() {
   let x = document.getElementById("loginForm");
-  let pw = x.elements[0].value;
+  let pw = sanitize(x.elements[0].value);
 
   if (pw != "" || pw !== "undefined") {
     let pwOld = pw;
@@ -164,4 +164,22 @@ export function logout() {
   document.getElementById("login").style.display = "block"; 
 }
 
+
+
+export function sanitize(string) {
+  const map = {
+      '&': '_',
+      '<': '_',
+      '>': '_',
+      '"': '_',
+      "'": '_',
+      '/': '_',
+      '`': '_',
+      '=': '_'
+  };
+  const reg = /[&<>"'/]/ig;
+  console.log(string.replace(reg, (match)=>(map[match])));
+  return string.replace(reg, (match)=>(map[match]));
+}
+
 export default setPassword;

js/9.9.9/storage.js

@@ -1,6 +1,6 @@
 import XORCipher from "./xorc.js";
 import sha256 from "./sha256.min.js";
-import { getUsrId, passwordHash } from "./scripts.js";
+import { getUsrId, passwordHash, sanitize } from "./scripts.js";
 
 
 function createStorageObj() {
@@ -19,10 +19,10 @@ function createStorageObj() {
   //console.log(this, dataArray);
 
   let userFileNameField = document.getElementById("userFileName");
-  let userFileName = userFileNameField.value;
+  let userFileName = sanitize(userFileNameField.value);
   let userFileNamePH = userFileNameField.getAttribute("placeholder");
   if (userFileName.length != 0) {
-    activeState.fileName = userFileName.replace;
+    activeState.fileName = userFileName;
     //clear old data as file switches to new filename
     if (userFileNamePH.length != 0) {
       clearData(userFileNamePH);