From ba72f5a67c333247dd9264d5858bd328bf762a94 Mon Sep 17 00:00:00 2001
From: Alejandro Romero Herrera
Date: Wed, 9 Sep 2020 22:09:36 +0300
Subject: [PATCH] Fix Arbitary Code Execution
---
 index.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/index.js b/index.js
index d6aa58a..ce757ac 100644
--- a/index.js
+++ b/index.js
@@ -15,7 +15,7 @@ function WKHtmlToImage() {
 options = {};
 }

- var output = options.output;
+ var output = options.output.replace(/'|"|;|&|,|\\|\|/gi, '');
 delete options.output;

 var args = [this.command, '--quiet'];
@@ -59,4 +59,4 @@ function WKHtmlToImage() {
 }
 }

-module.exports = new WKHtmlToImage();
\ No newline at end of file
+module.exports = new WKHtmlToImage();
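Review bot: The new `options.output.replace(...)` in the first hunk throws a TypeError whenever `output` is absent or not a string, which is exactly the state right after the `options = {};` fallback shown above it, so the call needs a type guard, e.g. `var output = typeof options.output === 'string' ? options.output.replace(/'|"|;|&|,|\\|\|/g, '') : options.output;`. As an injection defence the character denylist is also incomplete: it leaves backticks, `$`, parentheses, newlines and redirection characters untouched, and it does nothing for the remaining `options` values that presumably end up in `args` as well. How `args` is executed lies outside this hunk; if the array is joined into a string and handed to a shell, the durable fix is to pass it as an argument vector to `child_process.spawn` or `execFile` without a shell instead of filtering characters. Even then a value of `output` that starts with `-` would be read by the tool as an option, so such paths should be rejected or prefixed with `./`.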