Add DoS prevention to decodeHtml function in get-logs component

Added maximum iteration limit (maxIterations = 3) to the decodeHtml function to prevent potential DoS attacks from deeply nested HTML entities. This matches the implementation in deployment/show.blade.php and ensures the function cannot be exploited for excessive CPU usage. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-04 13:46:25 +01:00 · 2025-12-04 13:46:25 +01:00 · 1b4de18323
commit 1b4de18323
parent bf8dcac88c
1 changed files with 6 additions and 2 deletions
--- a/resources/views/livewire/project/shared/get-logs.blade.php
+++ b/resources/views/livewire/project/shared/get-logs.blade.php
@ -48,13 +48,17 @@
            return line.toLowerCase().includes(this.searchQuery.toLowerCase());
        },
        decodeHtml(text) {
-            // Decode HTML entities, handling double-encoding
+            // Decode HTML entities, handling double-encoding with max iteration limit to prevent DoS
            let decoded = text;
            let prev = '';
-            while (decoded !== prev) {
+            let iterations = 0;
+            const maxIterations = 3; // Prevent DoS from deeply nested HTML entities
+
+            while (decoded !== prev && iterations < maxIterations) {
                prev = decoded;
                const doc = new DOMParser().parseFromString(decoded, 'text/html');
                decoded = doc.documentElement.textContent;
+                iterations++;
            }
            return decoded;
        },