Clean tag attributes before passing through the escape_once logic.

Addresses CVE-2009-3009
commit b16e0c922344da256ab977fd5e7a7f69e0be90fc 1 parent 9a73630
@NZKoz NZKoz authored
Showing with 1 addition and 1 deletion.
  1. +1 −1  actionpack/lib/action_view/helpers/tag_helper.rb
actionpack/lib/action_view/helpers/tag_helper.rb
@@ -106,7 +106,7 @@ def cdata_section(content)
# escape_once("<< Accept & Checkout")
# # => "<< Accept & Checkout"
def escape_once(html)
- html.to_s.gsub(/[\"><]|&(?!([a-zA-Z]+|(#\d+));)/) { |special| ERB::Util::HTML_ESCAPE[special] }
+ ActiveSupport::Multibyte.clean(html.to_s).gsub(/[\"><]|&(?!([a-zA-Z]+|(#\d+));)/) { |special| ERB::Util::HTML_ESCAPE[special] }
end
private
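Review bot: the doc comment above `escape_once` is not updated for the new behaviour: the input is now passed through `ActiveSupport::Multibyte.clean` before the `gsub`, so callers should be told that malformed multibyte sequences are cleaned (and may be altered) rather than escaped as-is. Suggest adding a line such as `# Invalid multibyte sequences are cleaned before escaping.` next to the existing example. The fix itself is sound in scope: `html.to_s` still runs first, so nil and non-string input keep working, and the escaping regex is unchanged; since the commit touches only this one helper, it is worth confirming that no other escaping path in the same file needs the same cleaning step.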
