Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

SECURITY Sanitize messages passed to generated JS calls in FormRespon…

…se::status_message(), e.g. to avoid XSS on 'Successfully published <page title>' messages
  • Loading branch information...
commit 475e0772a26c022d8d1835ea08791efaaf9dea8d 1 parent bdd6391
@chillu chillu authored
Showing with 2 additions and 2 deletions.
  1. +2 −2 core/control/FormResponse.php
View
4 core/control/FormResponse.php
@@ -146,8 +146,8 @@ static function get_page($id, $form = 'Form_EditForm', $uniquenessID = null) {
* @param $status string
*/
static function status_message($message = "", $status = null) {
- $JS_message = Convert::raw2js($message);
- $JS_status = Convert::raw2js($status);
+ $JS_message = Convert::raw2js(Convert::raw2xml($message));
+ $JS_status = Convert::raw2js(Convert::raw2xml($status));
if(isset($JS_status)) {
self::$status_messages[$JS_status] = "statusMessage('{$JS_message}', '{$JS_status}');";
} else {

0 comments on commit 475e077

Please sign in to comment.
Something went wrong with that request. Please try again.