Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-25248

Item history widget freezes in Safari browser when item history contains dodgy strings

XMLWordPrintable

    • Icon: Problem report Problem report
    • Resolution: Duplicate
    • Icon: Major Major
    • None
    • 7.2.0alpha1
    • Frontend (F)

      vfs.file.contents item was used that reads the file with contents taken from here: big-list-of-naughty-strings

      Result:

      I cannot click anything..
      After couple of minutes - it may start responding occasionally, but it it still very slow and still freezes anyway.
      The size of the file is not that large - only ~740 lines.
      On Chrome and Firefox - there are no issues. and they are not slowed in any way.

      The cause could be in the "Script Injection" block of lines:

      <script>alert(0)</script>
      &lt;script&gt;alert(&#39;1&#39;);&lt;/script&gt;
      <img src=x onerror=alert(2) />
      <svg><script>123<1>alert(3)</script>
      ...
      etc - other script injections..
      ...
      

        1. Artjoms Dashboard.jpg
          1.27 MB
          Artjoms Rimdjonoks
        2. blns.txt
          28 kB
          Artjoms Rimdjonoks
        3. Screenshot 2024-09-18 at 10.31.48.png
          884 kB
          Edgar Akhmetshin

            zabbix.dev Zabbix Development Team
            arimdjonoks Artjoms Rimdjonoks
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: