fix xss on discard route, fix data-uuid

NodeBB · Jun 27, 2018 · 6fb80e4 · 6fb80e4
1 parent b16c23f
commit 6fb80e4
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 3 deletions.
diff --git a/library.js b/library.js
@@ -14,6 +14,7 @@ var socketMethods = require('./websockets');
 
 var async = module.parent.require('async');
 var nconf = module.parent.require('nconf');
+var validator = require('validator');
 
 var plugin = module.exports;
 
@@ -173,7 +174,7 @@ plugin.build = function(data, callback) {
 		}
 
 		if (req.query.cid) {
-			discardRoute = nconf.get('relative_path') + '/category/' + req.query.cid;
+			discardRoute = nconf.get('relative_path') + '/category/' + validator.escape(String(req.query.cid));
 		} else if ((req.query.tid || req.query.pid)) {
 			if (data.topicData) {
 				discardRoute = nconf.get('relative_path') + '/topic/' + data.topicData.slug;

diff --git a/package.json b/package.json
@@ -26,6 +26,7 @@
     "compatibility": "^1.7.4"
   },
   "dependencies": {
-    "screenfull": "3.0.0"
+    "screenfull": "3.0.0",
+    "validator": "10.4.0"
   }
 }
diff --git a/static/lib/composer.js b/static/lib/composer.js
@@ -276,7 +276,7 @@ define('composer', [
 		if (!post_uuid && !postData) {
 			post_uuid = utils.generateUUID();
 			composer.posts[post_uuid] = postData = ajaxify.data;
-			postContainer.attr('id', 'cmp-uuid-' + post_uuid);
+			postContainer.attr('data-uuid', post_uuid);
 		}
 
 		var bodyEl = postContainer.find('textarea');