From e48c2053dfef4fb9209e3d432738b8fef6b8d507 Mon Sep 17 00:00:00 2001 From: hackademix Date: Mon, 10 Feb 2020 08:53:22 +0100 Subject: [XSS] Abort on InjectionChecker timeouts. --- src/xss/XSS.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/xss/XSS.js b/src/xss/XSS.js index f41e2a2..aba48ca 100644 --- a/src/xss/XSS.js +++ b/src/xss/XSS.js @@ -60,7 +60,7 @@ var XSS = (() => { error(e, "XSS filter processing %o", xssReq); if (e instanceof TimingException) { // we don't want prompts if the request expired / errored first - return; + return ABORT; } reasons = { urlInjection: true }; data = [e.toString()]; -- cgit v1.2.3