Skip to content

Commit bf5a220

Browse files
jdomeracki-coderjdomeracki-coder
authored
fix: escape agent log HTML (#25808) (#26259)
1 parent fad8efd commit bf5a220

2 files changed

Lines changed: 24 additions & 1 deletion

File tree

site/src/modules/resources/AgentLogs/AgentLogLine.test.tsx

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
import { screen } from "@testing-library/react";
2+
import type { Line } from "#/components/Logs/LogLine";
3+
import { renderComponent } from "#/testHelpers/renderHelpers";
4+
import { AgentLogLine } from "./AgentLogLine";
5+
6+
const line: Line = {
7+
id: 1,
8+
level: "info",
9+
output: 'safe <span data-testid="agent-log-xss">xss</span>',
10+
sourceId: "source-id",
11+
time: "2024-03-14T11:31:04.090715Z",
12+
};
13+
14+
describe("AgentLogLine", () => {
15+
it("renders log HTML as escaped text", () => {
16+
renderComponent(<AgentLogLine line={line} sourceIcon={null} style={{}} />);
17+
18+
expect(screen.queryByTestId("agent-log-xss")).not.toBeInTheDocument();
19+
expect(
20+
screen.getByText(/safe <span data-testid="agent-log-xss">xss<\/span>/),
21+
).toBeInTheDocument();
22+
});
23+
});

site/src/modules/resources/AgentLogs/AgentLogLine.tsx

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ import { type Line, LogLine, LogLinePrefix } from "#/components/Logs/LogLine";
55
// Approximate height of a log line. Used to control virtualized list height.
66
export const AGENT_LOG_LINE_HEIGHT = 20;
77

8-
const convert = new AnsiToHTML();
8+
const convert = new AnsiToHTML({ escapeXML: true });
99

1010
interface AgentLogLineProps {
1111
line: Line;

0 commit comments

Comments
 (0)