Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Backport XSS vulnerability fix to 0.5 branch

  • Loading branch information...
commit 58fc995728352b466f166a67281b11f6db191f31 1 parent 41bdcf2
@thomascube thomascube authored
View
1  CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================
+- Fix XSS vulnerability in UI messages (#1488030)
- Fix identities "reply-to" and "bcc" fields have a bogus value when left empty (#1487943)
- Fix issue which cases IMAP disconnection when encrypt() method was used (#1487900)
- Fix some CSS issues in Settings for Internet Explorer
View
14 program/include/rcube_json_output.php
@@ -169,12 +169,16 @@ public function add_label()
public function show_message($message, $type='notice', $vars=null, $override=true)
{
if ($override || !$this->message) {
+ if (rcube_label_exists($message)) {
+ if (!empty($vars))
+ $vars = array_map('Q', $vars);
+ $msgtext = rcube_label(array('name' => $message, 'vars' => $vars));
+ }
+ else
+ $msgtext = $message;
+
$this->message = $message;
- $this->command(
- 'display_message',
- rcube_label(array('name' => $message, 'vars' => $vars)),
- $type
- );
+ $this->command('display_message', $msgtext, $type, $timeout * 1000);
}
}
View
13 program/include/rcube_template.php
@@ -249,11 +249,16 @@ public function add_label()
public function show_message($message, $type='notice', $vars=null, $override=true)
{
if ($override || !$this->message) {
+ if (rcube_label_exists($message)) {
+ if (!empty($vars))
+ $vars = array_map('Q', $vars);
+ $msgtext = rcube_label(array('name' => $message, 'vars' => $vars));
+ }
+ else
+ $msgtext = $message;
+
$this->message = $message;
- $this->command(
- 'display_message',
- rcube_label(array('name' => $message, 'vars' => $vars)),
- $type);
+ $this->command('display_message', $msgtext, $type, $timeout * 1000);
}
}
Please sign in to comment.
Something went wrong with that request. Please try again.