Escape wierd stuff from the URL: XSS

commit bdeb2c4c91aea3e45cc6e09ba7ff90ed008673d0 1 parent 337afc5
@tijsverkoyen tijsverkoyen authored
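--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,12 @@
+3.3.1 (xxxx-xx-xx)
+--
+
+Bugfixes:
+
+* XSS: Escape the input on ajax searches.
+* XSS: Escaped wierd input in Locale-module
+
+
 3.3.0 (2012-03-06)
 --
 Improvements:
@@ -25,7 +34,6 @@ Bugfixes:
 * Core: JS module validation has been fixed.
 * Core: fix XSS vulnerability on ajax searches.
-
 3.2.7 (2012-02-28)
 --
 Improvements:
@@ -909,4 +917,4 @@ Improvements:
 2.0.0 (2010-10-11)
 -----
-None
+None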
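--- a/backend/modules/locale/actions/add.php
+++ b/backend/modules/locale/actions/add.php
@@ -78,7 +78,11 @@ private function loadForm()
 protected function parse()
 {
 parent::parse();
- $this->tpl->assign($this->filter);
+
+ // prevent XSS
+ $filter = SpoonFilter::arrayMapRecursive('htmlspecialchars', $this->filter);
+
+ $this->tpl->assign($filter);
 }
 /**
@@ -94,7 +98,7 @@ private function setFilter()
 $this->filter['value'] = $this->getParameter('value');
 // build query for filter
- $this->filterQuery = BackendLocaleModel::buildURLQueryByFilter($this->filter);
+ $this->filterQuery = '&' . http_build_query($this->filter);
 }
 /**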
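Review bot: `htmlspecialchars` with its default flags leaves single quotes unescaped (ENT_QUOTES is not part of the default flags before PHP 8.1), so the escaped filter in parse() can still break out of a single-quoted attribute if the template uses one; edit.php applies the identical call and has the same gap. Since arrayMapRecursive takes a callable, a closure can supply the flags: `$filter = SpoonFilter::arrayMapRecursive(function($v) { return htmlspecialchars($v, ENT_QUOTES, 'UTF-8'); }, $this->filter);` — confirm that arrayMapRecursive accepts closures. In the second hunk, `'&' . http_build_query($this->filter)` prepends the separator even when the filter is empty, whereas index.php and the rewritten BackendLocaleModel::buildURLQueryByFilter only add it for a non-empty query; calling the helper here, `$this->filterQuery = BackendLocaleModel::buildURLQueryByFilter($this->filter);`, keeps the three actions consistent. setFilter() starts outside the hunk.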
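--- a/backend/modules/locale/actions/edit.php
+++ b/backend/modules/locale/actions/edit.php
@@ -75,8 +75,11 @@ protected function parse()
 {
 parent::parse();
+ // prevent XSS
+ $filter = SpoonFilter::arrayMapRecursive('htmlspecialchars', $this->filter);
+
 // parse filter
- $this->tpl->assign($this->filter);
+ $this->tpl->assign($filter);
 $this->tpl->assign('filterQuery', $this->filterQuery);
 // assign id, name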
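--- a/backend/modules/locale/actions/index.php
+++ b/backend/modules/locale/actions/index.php
@@ -192,6 +192,6 @@ private function setFilter()
 $this->filter['value'] = $this->getParameter('value') == null ? '' : $this->getParameter('value');
 // build query for filter
- $this->filterQuery = BackendLocaleModel::buildURLQueryByFilter($this->filter);;
+ $this->filterQuery = BackendLocaleModel::buildURLQueryByFilter($this->filter);
 }
 }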
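--- a/backend/modules/locale/engine/model.php
+++ b/backend/modules/locale/engine/model.php
@@ -102,29 +102,8 @@ public static function buildCache($language, $application)
 */
 public static function buildURLQueryByFilter($filter)
 {
- $query = '';
-
- // loop filter items
- foreach($filter as $key => $value)
- {
- // is it an array?
- if(is_array($value))
- {
- // loop the array
- foreach($value as $v)
- {
- // add to the query
- $query .= '&' . $key . '[]=' . $v;
- }
- }
-
- // not an array
- else
- {
- // add to the query
- $query .= '&' . $key . '=' . $value;
- }
- }
+ $query = http_build_query($filter);
+ if($query != '') $query = '&' . $query;
 return $query;
 }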
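Review bot: The new `http_build_query($filter)` call takes its pair separator from the ini value arg_separator.output, so a site configured with `&amp;` would mix separators with the literal `'&'` prepended on the next line; passing it explicitly, `$query = http_build_query($filter, '', '&');`, removes that dependency, and the guard should compare strictly, `if($query !== '') $query = '&' . $query;`. Because keys and values are now percent-encoded, the result is URL-safe but not HTML-safe, and edit.php assigns it to the template without further escaping; the docblock above (it starts outside the hunk) would benefit from the line `* Keys and values are percent-encoded; callers must still HTML-escape the result before placing it in markup.` Null entries in $filter are dropped by http_build_query rather than emitted as `key=` as the removed loop did — presumably intended, but worth a mention in the changelog entry.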