check xss on all api methods, even /api/v1/data

author: Costa Tsaousis (ktsaou) <costa@tsaousis.gr> 2018-01-29 21:19:15 +0200
committer: Costa Tsaousis (ktsaou) <costa@tsaousis.gr> 2018-01-29 21:19:15 +0200
commit: a9eca43bcc40fa5ad7b58e3055e8a2a6a685778f (patch)
tree: 55b379707e15fdecdd8ed4639878db2cbfe8dd85 /web/index.html
parent: 1d81008b9707e078b298a1594ce7a7806c2f4df1 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/web/index.html b/web/index.html
index e8ff521c1a..d31dc57b6a 100644
--- a/web/index.html
+++ b/web/index.html
@@ -3285,7 +3285,7 @@
                 document.getElementById('loadSnapshotFilename').innerHTML = filename;
                 var result = null;
                 try {
-                    result = NETDATA.xss.checkAlways('snapshot', JSON.parse(e.target.result), '^(snapshot\.info|snapshot\.data)$');
+                    result = NETDATA.xss.checkAlways('snapshot', JSON.parse(e.target.result), /^(snapshot\.info|snapshot\.data)$/);
 
                     //console.log(result);
                     var date_after = new Date(result.after_ms);
@@ -5629,6 +5629,6 @@
         </div>
     </div>
     <div id="hiddenDownloadLinks" style="display: none;" hidden></div>
-    <script type="text/javascript" src="dashboard.js?v20180128-2"></script>
+    <script type="text/javascript" src="dashboard.js?v20180129-1"></script>
 </body>
 </html>
author	Costa Tsaousis (ktsaou) <costa@tsaousis.gr>	2018-01-29 21:19:15 +0200
committer	Costa Tsaousis (ktsaou) <costa@tsaousis.gr>	2018-01-29 21:19:15 +0200
commit	a9eca43bcc40fa5ad7b58e3055e8a2a6a685778f (patch)
tree	55b379707e15fdecdd8ed4639878db2cbfe8dd85 /web/index.html
parent	1d81008b9707e078b298a1594ce7a7806c2f4df1 (diff)