
Commit 8a1d882

authored
Merge pull request #88 from NotsoanoNimus/hotfix/sanitize-printed-data
XSS: Escape Raw HTML in Outputs
2 parents 5901db2 + d497d99 commit 8a1d882


2 files changed

+4
-3
lines changed


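--- a/dmarcts-report-viewer-report-data.php
+++ b/dmarcts-report-viewer-report-data.php
@@ -57,6 +57,7 @@ function tmpl_reportData($reportnumber, $reports, $host_lookup = 1) {
 $row = $reports[$reportnumber];
 
 $row['raw_xml'] = formatXML($row['raw_xml'], $reportnumber);
+$row = array_map('html_escape', $row);
 
 $reportdata[] = "<div id='report_desc_container' class='center reportdesc_container'>";
 $reportdata[] = "<div id='report_desc' class='center reportdesc' class='hilighted' onmouseover='highlight(this);' onmouseout='unhighlight(this);' onclick='pin(this)'>Report from ".$row['org']." for ".$row['domain']."<br>". format_date($row['mindate'], $cookie_options['date_format']). " to ".format_date($row['maxdate'], $cookie_options['date_format'])."<br> Policies: adkim=" . $row['policy_adkim'] . ", aspf=" . $row['policy_aspf'] . ", p=" . $row['policy_p'] . ", sp=" . $row['policy_sp'] . ", pct=" . $row['policy_pct'] . "</div>";
@@ -151,7 +152,7 @@ function tmpl_reportData($reportnumber, $reports, $host_lookup = 1) {
 $row = array_map('html_escape', $row);
 
 $reportdata[] = " <tr id='line" . $row['id'] . "' class='" . get_dmarc_result($row)['color'] . "' title='DMARC Result: " . get_dmarc_result($row)['result'] . "' onmouseover='highlight(this);' onmouseout='unhighlight(this);' onclick='pin(this);'>";
-$reportdata[] = " <td>". $ip. "</td>";
+$reportdata[] = " <td>". htmlspecialchars($ip) . "</td>";
 if ( $host_lookup ) {
 $reportdata[] = " <td>". gethostbyaddr($ip). "</td>";
 } else {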
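Review bot: The reverse-DNS result two lines below the fixed line is still written raw, `$reportdata[] = " <td>". gethostbyaddr($ip). "</td>";`, even though a PTR record is supplied by whoever controls the reverse zone for that address and belongs to the same class of untrusted output as the fields this commit escapes; `htmlspecialchars(gethostbyaddr($ip))` closes that gap. The new `htmlspecialchars($ip)` call relies on default flags, which only escape single quotes from PHP 8.1 onward, and the `<tr>` markup here uses single-quoted attributes, so `html_escape` and these direct calls should pass `ENT_QUOTES | ENT_SUBSTITUTE` explicitly if older PHP is supported. In the first hunk the added `array_map('html_escape', $row)` also runs over `raw_xml` after `formatXML()` has processed it; if formatXML returns markup meant to be rendered, that field needs to be excluded or escaped before formatting rather than after. tmpl_reportData begins and ends outside these hunks.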

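--- a/dmarcts-report-viewer.php
+++ b/dmarcts-report-viewer.php
@@ -148,7 +148,7 @@ function html ($domains = array(), $orgs = array(), $periods = array() ) {
 $html[] = "<option " . ( $cookie_options['Domain'] ? "" : "selected=\"selected\" " ) . "value=\"all\">[all]</option>";
 
 foreach( $domains as $d) {
-$html[] = "<option " . ( $cookie_options['Domain'] == $d ? "selected=\"selected\" " : "" ) . "value=\"$d\">$d</option>";
+$html[] = "<option " . ( $cookie_options['Domain'] == $d ? "selected=\"selected\" " : "" ) . "value=\"".htmlspecialchars($d)."\">".htmlspecialchars($d)."</option>";
 }
 
 $html[] = "</select>";
@@ -164,7 +164,7 @@ function html ($domains = array(), $orgs = array(), $periods = array() ) {
 $html[] = "<option " . ( $cookie_options['Organisation'] ? "" : "selected=\"selected\" " ) . "selected=\"selected\" value=\"all\">[all]</option>";
 
 foreach( $orgs as $o) {
-$html[] = "<option " . ( $cookie_options['Organisation'] == $o ? "selected=\"selected\" " : "" ) . "value=\"$o\">" . ( strlen( $o ) > 25 ? substr( $o, 0, 22) . "..." : $o ) . "</option>";
+$html[] = "<option " . ( $cookie_options['Organisation'] == $o ? "selected=\"selected\" " : "" ) . "value=\"".htmlspecialchars($o)."\">" . ( strlen( $o ) > 25 ? htmlspecialchars(substr( $o, 0, 22)) . "..." : htmlspecialchars($o) ) . "</option>";
 }
 
 $html[] = "</select>";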
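Review bot: The truncation on the new line 167 still uses byte-wise `strlen`/`substr`, so an organisation name with multi-byte UTF-8 can be cut mid-character and `htmlspecialchars()` then returns an empty string for the fragment on PHP versions where ENT_SUBSTITUTE is not a default flag, making the label silently vanish; `mb_strlen( $o ) > 25 ? htmlspecialchars(mb_substr( $o, 0, 22)) . "..." : htmlspecialchars($o)` keeps the cut on a character boundary. Both new lines in this file call `htmlspecialchars()` with default flags while the other file in this commit routes the same kind of data through the project's `html_escape` helper; using that helper here, or passing `ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'` explicitly, keeps the escaping policy in one place. The same consistency point applies to the domain `<option>` line in the first hunk. `html` begins and ends outside both hunks.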
