
Lack of escaping in commit message #538

Closed
gitblit opened this issue Aug 12, 2015 · 4 comments

Comments

@gitblit
Owner

gitblit commented Aug 12, 2015

Originally reported on Google Code with ID 242

What steps will reproduce the problem?
1. Open a change that contains HTML in the commit summary
2. See that the commit summary is not escaped and instead renders its HTML

What is the expected output? What do you see instead?
HTML output (at the very least < and >) should be replaced with their HTML entities.
If you don't trust everyone who writes code in your system, this is a potential XSS vector.

What version of the product are you using? On what operating system?
1.2.1-GO on Ubuntu 12.04, behind Apache reverse proxy

Please provide any additional information below.
Compare the following two URLs:
https://git.wikimedia.org/commit/mediawiki%2Fextensions%2FParsoid.git/8994ef5c79e5c385c1f7bd593d991f15263ebf95
and https://gerrit.wikimedia.org/r/#/c/63444/

Reported by chorohoe@wikimedia.org on 2013-05-15 16:50:33

@gitblit
Owner Author

gitblit commented Aug 12, 2015

Great find.

Reported by James.Moger on 2013-05-15 16:53:02

  • Status changed: Accepted
  • Labels added: Milestone-1.3.0

@gitblit
Owner Author

gitblit commented Aug 12, 2015

This occurs when used in conjunction with regex substitution. If you don't use regex, it's fine. Fix pushed to master.

Reported by James.Moger on 2013-05-15 21:33:25

  • Status changed: Queued
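The root cause described in the comment above (the commit summary is escaped on the plain path but not on the regex-substitution path) is easy to reproduce in isolation. The following is an added example, not Gitblit's own code: it models a hypothetical substitution rule that turns issue references like `#42` into links, and shows the rendering order that leaks raw HTML next to the order that escapes the untrusted text first and only then lets a trusted rule add markup. The `ISSUE_REF` pattern, the `/issues/` link format and the sample commit summary are all assumptions made for this example.

```java
import java.util.regex.Pattern;

public class CommitSummaryRenderer {

    // Minimal HTML escaping: enough to neutralise tag and attribute injection
    // in text that is placed into element content or a quoted attribute.
    static String escapeHtml(String s) {
        StringBuilder sb = new StringBuilder(s.length());
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // Hypothetical substitution rule (assumption for this example):
    // an issue reference such as "#42" becomes a link to /issues/42.
    // The rule itself is trusted configuration, so its markup is intended.
    static final Pattern ISSUE_REF = Pattern.compile("#(\\d+)");
    static final String ISSUE_LINK = "<a href=\"/issues/$1\">#$1</a>";

    // Vulnerable order: because the substitution produces HTML, the caller
    // skips escaping altogether, so any HTML in the commit text is rendered.
    static String renderUnsafe(String summary) {
        return ISSUE_REF.matcher(summary).replaceAll(ISSUE_LINK);
    }

    // Fixed order: escape the untrusted commit text first, then apply the
    // trusted rule. The rule only matches '#' followed by digits, characters
    // escaping never rewrites, so the match behaviour is unchanged while
    // user-supplied '<', '>', '&' and quotes can no longer form markup.
    static String renderSafe(String summary) {
        return ISSUE_REF.matcher(escapeHtml(summary)).replaceAll(ISSUE_LINK);
    }

    public static void main(String[] args) {
        // Constructed sample commit summary containing both an issue
        // reference and an injected script tag.
        String summary = "Fix #42: strip <script>alert(1)</script> from titles";
        System.out.println("unsafe: " + renderUnsafe(summary));
        System.out.println("safe:   " + renderSafe(summary));
    }
}
```

Two points matter when adopting this order in a real renderer. First, a substitution pattern must be written against the escaped text: a rule that matches `&` or quotes in the raw summary will see `&amp;` or `&quot;` after escaping and should be adjusted accordingly. Second, if any part of the replacement string is itself derived from user input (for example a branch name captured from the message), pass it through `java.util.regex.Matcher.quoteReplacement` so that `$` and `\` in it are not interpreted as group references, and escape it as HTML before it is inserted.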

@gitblit
Owner Author

gitblit commented Aug 12, 2015

Issue 544 has been merged into this issue.

Reported by James.Moger on 2013-05-31 02:27:00

@gitblit
Owner Author

gitblit commented Aug 12, 2015

Fix or enhancement released in v1.3.0

Reported by James.Moger on 2013-07-14 16:52:58

  • Status changed: Fixed

2 participants