
[-] FO : Fix bug #PSCFV-12176, var not sanitized in stores.js

gRoussac committed Jun 9, 2014
1 parent 78b867d commit 29d8cf1576cadd321d131f33735c4635759c10f5
Showing with 22 additions and 22 deletions.
  1. +0 −21 js/admin.js
  2. +21 −0 js/tools.js
  3. +1 −1 themes/default-bootstrap/js/stores.js
@@ -1480,25 +1480,4 @@ function saveCustomerNote(customerId){
showSuccessMessage(update_success_msg);
}
});
-}
-
-function isCleanHtml(content)
-{
- var events = 'onmousedown|onmousemove|onmmouseup|onmouseover|onmouseout|onload|onunload|onfocus|onblur|onchange';
- events += '|onsubmit|ondblclick|onclick|onkeydown|onkeyup|onkeypress|onmouseenter|onmouseleave|onerror|onselect|onreset|onabort|ondragdrop|onresize|onactivate|onafterprint|onmoveend';
- events += '|onafterupdate|onbeforeactivate|onbeforecopy|onbeforecut|onbeforedeactivate|onbeforeeditfocus|onbeforepaste|onbeforeprint|onbeforeunload|onbeforeupdate|onmove';
- events += '|onbounce|oncellchange|oncontextmenu|oncontrolselect|oncopy|oncut|ondataavailable|ondatasetchanged|ondatasetcomplete|ondeactivate|ondrag|ondragend|ondragenter|onmousewheel';
- events += '|ondragleave|ondragover|ondragstart|ondrop|onerrorupdate|onfilterchange|onfinish|onfocusin|onfocusout|onhashchange|onhelp|oninput|onlosecapture|onmessage|onmouseup|onmovestart';
- events += '|onoffline|ononline|onpaste|onpropertychange|onreadystatechange|onresizeend|onresizestart|onrowenter|onrowexit|onrowsdelete|onrowsinserted|onscroll|onsearch|onselectionchange';
- events += '|onselectstart|onstart|onstop';
-
- var script1 = /<[\s]*script/im;
- var script2 = new RegExp('('+events+')[\s]*=', 'im');
- var script3 = /.*script\:/im;
- var script4 = /<[\s]*(i?frame|embed|object)/im;
-
- if (script1.test(content) || script2.test(content) || script3.test(content) || script4.test(content))
- return false;
-
- return true;
}
@@ -482,6 +482,27 @@ function in_array(value, array)
return false;
}
+function isCleanHtml(content)
+{
+ var events = 'onmousedown|onmousemove|onmmouseup|onmouseover|onmouseout|onload|onunload|onfocus|onblur|onchange';
+ events += '|onsubmit|ondblclick|onclick|onkeydown|onkeyup|onkeypress|onmouseenter|onmouseleave|onerror|onselect|onreset|onabort|ondragdrop|onresize|onactivate|onafterprint|onmoveend';
+ events += '|onafterupdate|onbeforeactivate|onbeforecopy|onbeforecut|onbeforedeactivate|onbeforeeditfocus|onbeforepaste|onbeforeprint|onbeforeunload|onbeforeupdate|onmove';
+ events += '|onbounce|oncellchange|oncontextmenu|oncontrolselect|oncopy|oncut|ondataavailable|ondatasetchanged|ondatasetcomplete|ondeactivate|ondrag|ondragend|ondragenter|onmousewheel';
+ events += '|ondragleave|ondragover|ondragstart|ondrop|onerrorupdate|onfilterchange|onfinish|onfocusin|onfocusout|onhashchange|onhelp|oninput|onlosecapture|onmessage|onmouseup|onmovestart';
+ events += '|onoffline|ononline|onpaste|onpropertychange|onreadystatechange|onresizeend|onresizestart|onrowenter|onrowexit|onrowsdelete|onrowsinserted|onscroll|onsearch|onselectionchange';
+ events += '|onselectstart|onstart|onstop';
+
+ var script1 = /<[\s]*script/im;
+ var script2 = new RegExp('('+events+')[\s]*=', 'im');
+ var script3 = /.*script\:/im;
+ var script4 = /<[\s]*(i?frame|embed|object)/im;
+
+ if (script1.test(content) || script2.test(content) || script3.test(content) || script4.test(content))
+ return false;
+
+ return true;
+}
+
$(document).ready(function()
{
// Hide all elements with .hideOnSubmit class when parent form is submit
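Review bot: In the added `isCleanHtml`, the `[\s]*` on the `script2` line sits inside a single-quoted string, so the string literal consumes the backslash and the RegExp constructor receives `[s]*=` — a class matching only the letter `s`, not whitespace — which means an event attribute written with a space before the `=` is not recognised by this pattern. The fix is to double the backslash: `var script2 = new RegExp('(' + events + ')[\\s]*=', 'im');`. The event list also carries a misspelling, `onmmouseup`, though `onmouseup` appears later in the list so coverage is not lost. Since the function is now shared with the front office, a short header comment stating that it is a denylist heuristic that rejects content rather than escaping it (`// Denylist check: returns false when content looks like markup carrying script; it does not sanitize.`) would help callers understand its limits.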
@@ -96,7 +96,7 @@ function searchLocations()
searchLocationsNear(results[0].geometry.location);
else
{
- if (!!$.prototype.fancybox)
+ if (!!$.prototype.fancybox && isCleanHtml(address))
$.fancybox.open([
{
type: 'inline',
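Review bot: The new condition on the `if` line calls `isCleanHtml`, which this commit defines in js/tools.js rather than in the theme file, so stores.js now depends on tools.js being loaded before it on the front office; if it is not, the call throws a ReferenceError and the fancybox fallback disappears. A guard such as `typeof isCleanHtml === 'function' && isCleanHtml(address)`, or at least a comment naming the dependency (`// isCleanHtml is defined in js/tools.js`), would make that explicit. Gating on a denylist check is also a weaker fix than escaping `address` where it is inserted into the fancybox markup (for instance via jQuery's `.text()`), and when the check fails the user presumably gets no message at all, since the `else` branch appears to do nothing else visible here. `searchLocations` begins and the `else` block ends outside the hunk.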
