From ad2ae87b4e6cb76342998c7b8839afc4b7741aeb Mon Sep 17 00:00:00 2001
From: Julian
Date: Wed, 16 Nov 2022 21:33:49 -0500
Subject: [PATCH 1/2] fix stored XSS vulnerability

sanitize beatmap metadata retrieved from db before formatting into html to prevent xss
---
 utils/html_utils.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/utils/html_utils.py b/utils/html_utils.py
index 2db7dbf..5628f8b 100644
--- a/utils/html_utils.py
+++ b/utils/html_utils.py
@@ -1,8 +1,11 @@
+def sanitize( s ):
+ return s.replace( "<", "<" ).replace( ">", ">" )
+
 def html_a_format( url, text ):
- return "{}".format( url, text )
+ return "{}".format( url, sanitize(text) )
 def html_a_blank_format( url, text ):
- return "{}".format( url, text )
+ return "{}".format( url, sanitize(text) )
 # modify to have randon auth hash to verify owner
 # target="dummyframe"
@@ -11,5 +14,5 @@ def html_delete_format( url, playlist_id, user_id, beatmap_id, text ):
- + """
\ No newline at end of file

From 55043a937873a9c7d57c9b462415b5e3c77206f1 Mon Sep 17 00:00:00 2001
From: Julian
Date: Wed, 16 Nov 2022 22:09:13 -0500
Subject: [PATCH 2/2] style fix

---
 utils/html_utils.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/utils/html_utils.py b/utils/html_utils.py
index 5628f8b..464c0be 100644
--- a/utils/html_utils.py
+++ b/utils/html_utils.py
@@ -2,10 +2,10 @@ def sanitize( s ):
 return s.replace( "<", "<" ).replace( ">", ">" )
 def html_a_format( url, text ):
- return "{}".format( url, sanitize(text) )
+ return "{}".format( url, sanitize( text ) )
 def html_a_blank_format( url, text ):
- return "{}".format( url, sanitize(text) )
+ return "{}".format( url, sanitize( text ) )
 # modify to have randon auth hash to verify owner
 # target="dummyframe"
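Review bot: The `url` argument is still interpolated unescaped in both `html_a_format` and `html_a_blank_format` (`.format( url, sanitize(text) )`), so a stored `javascript:` URL or a URL containing a quote can still inject into the anchor even though `text` is now escaped. `sanitize` itself appears to cover only `<` and `>` (the replacement strings look mangled in this rendering, so I am inferring from the commit message); `&`, `"` and `'` are left alone, which is insufficient the moment the value lands inside an attribute. I would drop the hand-rolled helper for the standard library, `import html` and `return html.escape( s, quote=True )`, and escape `url` the same way after checking its scheme against an allow-list such as `( "http://", "https://" )`. A docstring on `sanitize` should also say it is an HTML escaper for element text and quoted attribute values, not a general sanitizer, so nobody reuses it for JavaScript or URL contexts.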
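Review bot: The replaced line in `html_delete_format` is not recoverable in this rendering (only `- + """` survives), so I cannot confirm that `text` and the interpolated `playlist_id`/`user_id`/`beatmap_id` go through `sanitize` the way the two anchor helpers now do; if they do not, the stored-XSS fix is incomplete for the delete control. Whatever the new line builds should escape every value placed in an attribute with `html.escape( value, quote=True )`, since `<`/`>`-only escaping does not prevent breaking out of a quoted attribute. Separately, the visible `# modify to have randon auth hash to verify owner` comment suggests ownership of the delete action is currently taken from the client-supplied `user_id`; that is an authorization/CSRF gap distinct from XSS and deserves its own ticket rather than a comment. The function body starts and ends outside the recoverable part of the hunk.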