encode initial state json for more secure and reliable inclusion in rendered page

This commit is contained in:
Adam Brown 2017-01-04 16:15:09 +00:00
parent bd7161a727
commit 70a22ad5ff
2 changed files with 3 additions and 4 deletions

View File

@ -19,7 +19,7 @@ import LocalStorage from './LocalStorage'
//initial state is rehydrated from the server
const initialState = window.__INITIAL_STATE__
const initialState = JSON.parse(decodeURI(window.__INITIAL_STATE__))
//create the redux store
//initial state is retrieved from localStore
@ -47,4 +47,4 @@ function render() {
}
render()

View File

@ -54,7 +54,6 @@ const pageTemplate = (body) => {
<link rel="icon" type="image/png" sizes="96x96" href="dist/favicon-96x96.png">
<link rel="icon" type="image/png" sizes="16x16" href="dist/favicon-16x16.png">
</head>
<body>
${body}
@ -81,7 +80,7 @@ function appTemplate(html, initialState) {
<div id="root">${html}</div>
<script>
window.__INITIAL_STATE__ = ${JSON.stringify(initialState)}
window.__INITIAL_STATE__ = "${encodeURI(JSON.stringify(initialState,null,2))}"
</script>
<!-- <script>__REACT_DEVTOOLS_GLOBAL_HOOK__ = parent.__REACT_DEVTOOLS_GLOBAL_HOOK__</script> -->
<script type="text/javascript" src="dist/browser-bundle.js"></script>