davebluke
/
ctbrec
forked from j62/ctbrec
1
0
Fork 0
Code Pull Requests Activity

Escape passwords before injecting them 

Escape quotes in passwords before injecting them into the external
browser, so that the injected javascript is valid and doesn't break
This commit is contained in:
0xb00bface 2020-07-19 16:35:38 +02:00
parent 7462d68d7b
commit d96b9a1380
5 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
client/src/main/java/ctbrec/ui/sites/bonga/BongaCamsElectronLoginDialog.java
View File

@ -63,6 +63,7 @@ public class BongaCamsElectronLoginDialog {
} }
String password = Config.getInstance().getSettings().bongaPassword; String password = Config.getInstance().getSettings().bongaPassword;
if (password != null && !password.trim().isEmpty()) { if (password != null && !password.trim().isEmpty()) {
password = password.replace("'", "\\'");
browser.executeJavaScript("$('input[name=\"log_in[password]\"]').attr('value','" + password + "')"); browser.executeJavaScript("$('input[name=\"log_in[password]\"]').attr('value','" + password + "')");
} }
String[] simplify = new String[] { String[] simplify = new String[] {

1
client/src/main/java/ctbrec/ui/sites/cam4/Cam4ElectronLoginDialog.java
View File

@ -62,6 +62,7 @@ public class Cam4ElectronLoginDialog {
} }
String password = Config.getInstance().getSettings().cam4Password; String password = Config.getInstance().getSettings().cam4Password;
if (password != null && !password.trim().isEmpty()) { if (password != null && !password.trim().isEmpty()) {
password = password.replace("'", "\\'");
browser.executeJavaScript("document.querySelector('#loginPageForm input[name=\"password\"]').value = '" + password + "';"); browser.executeJavaScript("document.querySelector('#loginPageForm input[name=\"password\"]').value = '" + password + "';");
} }
browser.executeJavaScript("document.getElementById('footer').setAttribute('style', 'display:none');"); browser.executeJavaScript("document.getElementById('footer').setAttribute('style', 'display:none');");

1
client/src/main/java/ctbrec/ui/sites/jasmin/LiveJasminElectronLoginDialog.java
View File

@ -60,6 +60,7 @@ public class LiveJasminElectronLoginDialog {
} }
String password = Config.getInstance().getSettings().livejasminPassword; String password = Config.getInstance().getSettings().livejasminPassword;
if (password != null && !password.trim().isEmpty()) { if (password != null && !password.trim().isEmpty()) {
password = password.replace("'", "\\'");
browser.executeJavaScript("document.querySelector('#login_form input[name=\"password\"]').value = '" + password + "';"); browser.executeJavaScript("document.querySelector('#login_form input[name=\"password\"]').value = '" + password + "';");
} }
browser.executeJavaScript("document.getElementById('header_container').setAttribute('style', 'display:none');"); browser.executeJavaScript("document.getElementById('header_container').setAttribute('style', 'display:none');");

1
client/src/main/java/ctbrec/ui/sites/showup/ShowupElectronLoginDialog.java
View File

@ -84,6 +84,7 @@ public class ShowupElectronLoginDialog {
} }
String password = Config.getInstance().getSettings().showupPassword; String password = Config.getInstance().getSettings().showupPassword;
if (password != null && !password.trim().isEmpty()) { if (password != null && !password.trim().isEmpty()) {
password = password.replace("'", "\\'");
browser.executeJavaScript("$('input[name=\"password\"]').attr('value','" + password + "')"); browser.executeJavaScript("$('input[name=\"password\"]').attr('value','" + password + "')");
} }
browser.executeJavaScript("$('input[name=\"remember\"]').attr('value','true')"); browser.executeJavaScript("$('input[name=\"remember\"]').attr('value','true')");

1
client/src/main/java/ctbrec/ui/sites/stripchat/StripchatElectronLoginDialog.java
View File

@ -62,6 +62,7 @@ public class StripchatElectronLoginDialog {
} }
String password = Config.getInstance().getSettings().stripchatPassword; String password = Config.getInstance().getSettings().stripchatPassword;
if (password != null && !password.trim().isEmpty()) { if (password != null && !password.trim().isEmpty()) {
password = password.replace("'", "\\'");
browser.executeJavaScript("document.querySelector('#login_password').value = '" + password + "';"); browser.executeJavaScript("document.querySelector('#login_password').value = '" + password + "';");
} }
browser.executeJavaScript("document.querySelector('#recaptcha-checkbox-border').click();"); browser.executeJavaScript("document.querySelector('#recaptcha-checkbox-border').click();");