Fix for CVE-2014-1403

commit a3194d32c25a0d27a10a47304eb9c9be93ffbf13 1 parent 7d79817
@oyvindkinsey authored
Showing with 14 additions and 1 deletion.
  1. +1 −1  build.xml
  2. +3 −0  src/Fn.js
  3. +7 −0 src/changes.html
  4. +3 −0  src/name.html
2  build.xml
@@ -4,7 +4,7 @@
<property file="build.secret.properties"/>
<property name="project.build.artifactdir" value="./artifacts/"/>
<property name="project.build.publishdir" value="./artifacts/"/>
- <property name="project.build.version" value="2.4.18"/>
+ <property name="project.build.version" value="2.4.19"/>
<!-- Setup classpath for js-build-tools ant tasks -->
<path id="js-build-tasks.classpath">
3  src/Fn.js
@@ -58,6 +58,9 @@
// #ifdef debug
this._trace("retrieving function " + name);
// #endif
+ if (!_map.hasOwnProperty(name)) {
+ return;
+ }
var fn = _map[name];
// #ifdef debug
if (!fn) {
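Review bot: The new guard calls `_map.hasOwnProperty(name)` on the map object itself, so an entry stored under the key "hasOwnProperty" would shadow the method and break the check; `Object.prototype.hasOwnProperty.call(_map, name)` does not have that problem. The early `return` also sits above the debug-only `if (!fn)` branch, so that branch no longer runs for names that are not in the map. A one-line comment saying the guard exists to stop inherited properties from being returned by the `_map[name]` lookup would make the intent clear.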
7 src/changes.html
@@ -5,6 +5,13 @@
</head>
<body>
<ul>
+ <li>
+ 2.4.19 18.01.14
+ <br/>
+ Removed XSS vulnerability:
+ <br/>
+ - XSS due to lack of validation in name.html (CVE-2014-1403) - disclosed by Krzystof Kotowicz (Cure53)
+ </li>
<li>
2.4.18 21.09.13
<br/>
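Review bot: The 2.4.19 changelog entry names only name.html, but the same commit also adds a `hasOwnProperty` guard in src/Fn.js. Add a line for the Fn.js change, or state that it is part of the same fix, so the changelog matches what shipped in this version.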
3  src/name.html
@@ -24,6 +24,9 @@
else {
channel = hash.substring(0, indexOf);
url = decodeURIComponent(hash.substring(indexOf + 1));
+ if (url && !/https?:\/\//.test(url)) {
+ throw new Error('Invalid url');
+ }
}
switch (location.hash.substring(2, 3)) {
case "2":
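Review bot: The check `/https?:\/\//.test(url)` in the `else` branch is unanchored, so it accepts any value that contains "http://" or "https://" anywhere in the string, not only one that starts with it; a url with a different scheme still passes as long as that substring appears later. Anchor the pattern and ignore case, for example `/^https?:\/\//i`. Also confirm that an empty `url`, which skips the check because of the `url &&` condition, is meant to be accepted by the code that follows.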