GHSL-2021-1019

jupyter · Aug 9, 2022 · d2d44d4 · d2d44d4
1 parent 4b9c5e7
commit d2d44d4
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 10 deletions.
diff --git a/nbconvert/exporters/templateexporter.py b/nbconvert/exporters/templateexporter.py
@@ -7,6 +7,7 @@
 
 
 import json
+import html
 from lxml.html.clean import clean_html
 import os
 import uuid
@@ -72,6 +73,7 @@
     # browsers will parse </script>, closing a script tag early
     # Since JSON allows escaping forward slash, this will still be parsed by JSON
     "escape_html_script": lambda x: x.replace("</script>", "<\\/script>"),
+    "escape_html": html.escape,
     "clean_html": clean_html,
     "strip_trailing_newline": filters.strip_trailing_newline,
     "text_base64": filters.text_base64,

diff --git a/nbconvert/exporters/tests/files/notebook_inject.ipynb b/nbconvert/exporters/tests/files/notebook_inject.ipynb
@@ -32,14 +32,32 @@
     "id": "b72e53fa",
     "metadata": {},
     "outputs": [
-     {
-      "output_type": "execute_result",
-      "data": {
-        "image/svg+xml": ["<script>alert('image/svg+xml output')</script>"]
-      },
-      "execution_count": null,
-      "metadata": {}
-     }
+      {
+        "output_type": "execute_result",
+        "data": {
+          "image/svg+xml": ["<script>alert('image/svg+xml output')</script>"]
+        },
+        "execution_count": null,
+        "metadata": {}
+      }
+    ],
+    "source": [""]
+   },
+   {
+    "cell_type": "code",
+    "execution_count": null,
+    "id": "64d5d39f",
+    "metadata": {},
+    "outputs": [
+      {
+        "output_type": "execute_result",
+        "svg_filename": "\"><script>alert('svg_filename')</script>",
+        "data": {
+          "image/svg+xml": [""]
+        },
+        "execution_count": null,
+        "metadata": {}
+      }
     ],
     "source": [""]
    }

diff --git a/nbconvert/exporters/tests/test_html.py b/nbconvert/exporters/tests/test_html.py
@@ -154,3 +154,4 @@ def test_javascript_injection(self):
 
             # Check injection in svg output
             assert "<script>alert('image/svg+xml output')</script>" not in output
+            assert "<script>alert('svg_filename')</script>" not in output
diff --git a/share/jupyter/nbconvert/templates/classic/base.html.j2 b/share/jupyter/nbconvert/templates/classic/base.html.j2
@@ -124,7 +124,7 @@ unknown type  {{ cell.type }}
 {% block data_svg scoped -%}
 <div class="output_svg output_subarea {{ extra_class }}">
 {%- if output.svg_filename %}
-<img src="{{ output.svg_filename | posix_path }}">
+<img src="{{ output.svg_filename | posix_path | escape_html }}">
 {%- else %}
 {{ output.data['image/svg+xml'] | clean_html }}
 {%- endif %}

diff --git a/share/jupyter/nbconvert/templates/lab/base.html.j2 b/share/jupyter/nbconvert/templates/lab/base.html.j2
@@ -152,7 +152,7 @@ unknown type  {{ cell.type }}
 {% block data_svg scoped -%}
 <div class="jp-RenderedSVG jp-OutputArea-output {{ extra_class }}" data-mime-type="image/svg+xml">
 {%- if output.svg_filename %}
-<img src="{{ output.svg_filename | posix_path }}">
+<img src="{{ output.svg_filename | posix_path | escape_html }}">
 {%- else %}
 {{ output.data['image/svg+xml'] | clean_html }}
 {%- endif %}