youbin/office365-self-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Harden redemption flow and improve operational safety

Browse Source
This commit is contained in:
youbin
2026-03-31 08:13:38 +08:00
parent e5bab51f98
commit de130f1052
13 changed files with 1138 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
office365_self_service/templates/admin_login.html
View File

@@ -27,6 +27,15 @@
</form>
</div>
<script>
function escapeHtml(value) {
return String(value ?? '')
.replace(/&/g, '&amp;')
.replace(/</g, '&lt;')
.replace(/>/g, '&gt;')
.replace(/"/g, '&quot;')
.replace(/'/g, '&#39;');
}
document.getElementById('loginForm').addEventListener('submit', async (e) => {
e.preventDefault();
const formData = new FormData(e.target);
@@ -40,9 +49,9 @@
if (data.success) {
window.location.href = '/admin/';
} else {
document.getElementById('message').innerHTML = `<div class="alert alert-danger">${data.message}</div>`;
document.getElementById('message').innerHTML = `<div class="alert alert-danger">${escapeHtml(data.message)}</div>`;
}
});
</script>
</body>
</html>
</html>