From fe0b48f0ed056c3ca2640fe42cf55d5cd6fa43f3 Mon Sep 17 00:00:00 2001
From: Mirko Zitkovich <73123551+MirkoZETA@users.noreply.github.com>
Date: Wed, 5 Mar 2025 00:26:17 -0300
Subject: [PATCH 1/2] Potential fix for code scanning alert no. 6: Reflected server-side cross-site scripting

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 backend.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/backend.py b/backend.py
index 30b7322..d2ee703 100644
--- a/backend.py
+++ b/backend.py
@@ -6,6 +6,7 @@ from utils.helpers import *
 
 import time
 import json
+import html
 
 # --- Flask Application Setup ---
 app = Flask(__name__)
@@ -99,6 +100,9 @@ def run_simulation_stream():
     if not is_valid:
         return result
 
+    # Escape result to prevent XSS
+    result = html.escape(result)
+
     # Build command
     command = build_simulation_command(result)
     logger.debug(f"Running streaming simulation with command: {' '.join(command)}")

From cf81bf75504695725f59d614ad7101a74cfa1a6a Mon Sep 17 00:00:00 2001
From: Mirko Zitkovich <73123551+MirkoZETA@users.noreply.github.com>
Date: Sat, 8 Mar 2025 16:39:38 -0300
Subject: [PATCH 2/2] Update README.md

---
 src/README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/README.md b/src/README.md
index 1d3bf27..6e88fa9 100644
--- a/src/README.md
+++ b/src/README.md
@@ -1,4 +1,4 @@
-## Modification Notice: simulation.hpp
+## Modification Notice: `simulation.hpp`
 
 This document describes a modification made to the `simulation.hpp` file, specifically in the `Simulator::printRow` function. The purpose of this change is to enable real-time streaming of simulation output when used with the API, ensuring that data is delivered to the client as soon as it is available.
 
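Review bot: `result = html.escape(result)` in the `run_simulation_stream` hunk is applied to the value handed to `build_simulation_command`, not to the value that is reflected into the HTTP response, so the escape sits at the wrong sink: entity-encoding `&`, `<`, `>`, `"` and `'` changes the argument the simulator receives, while the reflected output the alert is about is, as far as this hunk shows, left untouched. Escape at the point where user-derived text is written into the response body, or serve the stream with a non-HTML content type such as `text/plain` or `application/json`, and keep the validated value unescaped for the command. It is also not visible here that `result` is guaranteed to be a `str` when `is_valid` is true; if the validator returns a structured value, `html.escape` raises `AttributeError`, so converting with `str()` at the response sink is the safer place for the encoding. `run_simulation_stream` continues outside the hunk, so the actual reflection point cannot be confirmed from this diff.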
@@ -29,4 +29,4 @@ void Simulator::printRow(double percentage) {
 
 ### Future Considerations
 
-If future versions of the library include this feature, this modification may no longer be necessary. Until then, it should be retained to ensure proper streaming behavior.
\ No newline at end of file
+If future versions of the library include this feature, this modification may no longer be necessary. Until then, it should be retained to ensure proper streaming behavior.