diff options
| -rw-r--r-- | src/xss/InjectionChecker.js | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/xss/InjectionChecker.js b/src/xss/InjectionChecker.js index f7605e5..e908d21 100644 --- a/src/xss/InjectionChecker.js +++ b/src/xss/InjectionChecker.js @@ -183,7 +183,7 @@ XSS.InjectionChecker = (async () => { return this.reduceJSON(s.replace(expr, REPL)); } } catch (e) {} - let iterations = 0; + for (;;) { let prev = s; let start = s.indexOf("{"); @@ -1002,7 +1002,7 @@ XSS.InjectionChecker = (async () => { return true; } - if (s.indexOf("coalesced:") !== 0) { + if (!isPost && s.indexOf("coalesced:") !== 0) { let coalesced = ASPIdiocy.coalesceQuery(s); if (coalesced !== s && this.checkRecursive("coalesced:" + coalesced, depth, isPost)) return true; |