deac/instiki
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

XSS Security Fix

Browse source 
There  was a XSS vulnerability in the handling of categories. Now they are escaped.
This commit is contained in:
Jacques Distler 2007-09-02 00:33:28 -05:00
parent 6fd6be8fea
commit 5ff1b7f6da
2 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/chunks/category.rb
View file

@ -16,7 +16,7 @@ class Category < Chunk::Abstract
def initialize(match_data, content) def initialize(match_data, content)
super(match_data, content) super(match_data, content)
@hidden = match_data[1] @hidden = match_data[1]
@list = match_data[2].split(',').map { |c| c.strip } @list = match_data[2].split(',').map { |c| html_escape(c.strip) }
@unmask_text = '' @unmask_text = ''
if @hidden if @hidden
@unmask_text = '' @unmask_text = ''

7
lib/chunks/chunk.rb
View file

@ -74,6 +74,13 @@ module Chunk
@content.delete_chunk(self) @content.delete_chunk(self)
end end
def html_escape(string)
string.gsub( /&/, "&amp;" ).
gsub( /</, "&lt;" ).
gsub( />/, "&gt;" ).
gsub( /"/, "&quot;" )
end
end end
end end