From 281b2db2f29b9e822b6e22d11211eb98e791aa68 Mon Sep 17 00:00:00 2001
From: mat
Date: Sun, 17 Mar 2024 22:16:21 -0500
Subject: [PATCH] fix xss in dictionary, ip, and stackexchange meow
---
 src/engines/answer/dictionary.rs | 1 +
 src/engines/answer/ip.rs | 5 ++++-
 src/engines/answer/useragent.rs | 5 ++++-
 src/engines/postsearch/stackexchange.rs | 5 +++++
 4 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/src/engines/answer/dictionary.rs b/src/engines/answer/dictionary.rs
index 304232b..2d7f80f 100644
--- a/src/engines/answer/dictionary.rs
+++ b/src/engines/answer/dictionary.rs
@@ -73,6 +73,7 @@ pub fn parse_response(HttpResponse { res, body }: &HttpResponse) -> eyre::Result
 html.push_str(&format!(
 "

{word}

",
+ mediawiki_key = html_escape::encode_text(mediawiki_key),
 word = html_escape::encode_text(&word),
 ));
diff --git a/src/engines/answer/ip.rs b/src/engines/answer/ip.rs
index d30bffc..2b56410 100644
--- a/src/engines/answer/ip.rs
+++ b/src/engines/answer/ip.rs
@@ -9,5 +9,8 @@ pub fn request(query: &SearchQuery) -> EngineResponse {
 let ip = &query.ip;
- EngineResponse::answer_html(format!(r#"
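Review bot: On the added `mediawiki_key` line, `html_escape::encode_text` escapes only `&`, `<` and `>`, which suits the `{word}` text node but not a value placed inside an attribute. The markup of the format string is not visible on this page, but if `{mediawiki_key}` sits in a double-quoted attribute such as a link target, a `"` in the key is still passed through unescaped. `mediawiki_key = html_escape::encode_double_quoted_attribute(mediawiki_key),` covers that case. The `format!` call begins above the hunk, so the surrounding markup should be checked there.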

{ip}

"#))
+ EngineResponse::answer_html(format!(
+ r#"

{ip}

"#,
+ ip = html_escape::encode_text(ip)
+ ))
 }
diff --git a/src/engines/answer/useragent.rs b/src/engines/answer/useragent.rs
index 7225439..9d325ef 100644
--- a/src/engines/answer/useragent.rs
+++ b/src/engines/answer/useragent.rs
@@ -12,7 +12,10 @@ pub fn request(query: &SearchQuery) -> EngineResponse {
 let user_agent = query.request_headers.get("user-agent");
 EngineResponse::answer_html(if let Some(user_agent) = user_agent {
- format!("
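Review bot: Escaping is applied by hand at each call site, on the added `ip = html_escape::encode_text(ip)` line and again on the `user_agent = ...` line in the useragent.rs hunk, while `EngineResponse::answer_html` still accepts a raw string, so the next engine that interpolates a request value can miss it again. A comment at the call, e.g. `// query.ip is presumably client-influenced; escape before building HTML`, would make the requirement visible, and a small helper that takes the text and escapes it internally would remove the repetition. `encode_text` is the right encoder only while the value lands in element content, which the format strings as shown on this page do not confirm.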

{user_agent}

")
+ format!(
+ "

{user_agent}

",
+ user_agent = html_escape::encode_text(user_agent)
+ )
 } else {
 "You don't have a user agent".to_string()
 })
diff --git a/src/engines/postsearch/stackexchange.rs b/src/engines/postsearch/stackexchange.rs
index fc04854..932dab0 100644
--- a/src/engines/postsearch/stackexchange.rs
+++ b/src/engines/postsearch/stackexchange.rs
@@ -48,6 +48,11 @@ pub fn parse_response(body: &str) -> Option {
 .html()
 .to_string();
+ let answer_html = ammonia::Builder::default()
+ .url_relative(ammonia::UrlRelative::RewriteWithBase(url.clone()))
+ .clean(&answer_html)
+ .to_string();
+
 let url = format!("{url}#{answer_id}");
 Some(format!(
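Review bot: The added `ammonia::Builder::default()` chain applies the default allow-list without narrowing it, and that list keeps `<img>`, so a sanitized answer can still make the searcher's browser fetch images from third-party hosts. If that is unwanted for this engine, add `.rm_tags(&["img"])` before `.clean(&answer_html)`. A short comment such as `// answer body is third-party HTML: sanitize before embedding` would record why the step exists. `parse_response` continues past the hunk, so whether `url` and the other values in the following `format!` are escaped cannot be checked from here.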