codeschool · DerTung · Jan 8, 2016 · Jan 8, 2016
diff --git a/dist/bundle.js b/dist/bundle.js
@@ -1232,7 +1232,7 @@ function articleElement(title, lastReply) {
 function activeUsersTemplate(name, avatar) {
 
   var safeName = _xssFilters2.default.inHTMLData(name);
-  var safeAvatar = _xssFilters2.default.inHTMLData(avatar);
+  var safeAvatar = _xssFilters2.default.inDoubleQuotedAttr(avatar);
 
   var template = "\n    <div class=\"active-avatar\">\n    <img width=\"54\" src=\"assets/images/" + safeAvatar + "\">\n    <h5 class=\"post-author\">" + safeName + "</h5>\n    </div>";
 

diff --git a/server/db.json b/server/db.json
@@ -19,7 +19,7 @@
   "activeUsers": [
     {
       "name": "Sam",
-      "avatar": "avatar.jpg"
+      "avatar": "avatar.jpg#\" onload=\"alert('XSS Attack')\""
     },
     {
       "name": "Tyler",

diff --git a/src/ui.js b/src/ui.js
@@ -41,7 +41,7 @@ function articleElement(title, lastReply){
 function activeUsersTemplate(name, avatar){
 
   let safeName = xss.inHTMLData(name);
-  let safeAvatar = xss.inHTMLData(avatar);
+  let safeAvatar = xss.inDoubleQuotedAttr(avatar);
 
   let template = `
     <div class="active-avatar">