changeset 5008:a8f2986afc18 stable
security: Fix HTML and JavaScript injection.
This fixes CVE-2015-1864
author | Nick High <nick@silverchip.org> |
date | Sun, 12 Apr 2015 14:46:25 -0400 |
parents | 6eb57b4f311b |
children | 9b79b50f2b31 |
files | kallithea/controllers/admin/repo_groups.py kallithea/controllers/admin/user_groups.py kallithea/controllers/admin/users.py kallithea/model/repo.py kallithea/templates/summary/summary.html |
diffstat | 5 files changed, 10 insertions(+), 10 deletions(-) [+] |
--- a/kallithea/controllers/admin/repo_groups.py Fri Apr 10 19:09:40 2015 +0200
+++ b/kallithea/controllers/admin/repo_groups.py Sun Apr 12 14:46:25 2015 -0400
@@ -144,7 +144,7 @@
repo_groups_data.append({
"raw_name": repo_gr.group_name,
"group_name": repo_group_name(repo_gr.group_name, children_groups),
- "desc": repo_gr.group_description,
+ "desc": h.escape(repo_gr.group_description),
"repos": repo_count,
"owner": h.person(repo_gr.user),
"action": repo_group_actions(repo_gr.group_id, repo_gr.group_name,
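Review bot: Escaping `group_description` on the added `"desc"` line, where the grid row dict is assembled, ties the fix to this one consumer: the model field itself stays unescaped for any other caller, and nothing on the dict records that `desc` is now an HTML fragment while `raw_name` beside it is plain text, so a later edit can drop the `h.escape` or apply it a second time. The same pattern appears for `user_group_description` in user_groups.py, for `name`/`lastname` in users.py, and in the first hunk of repo.py, so the comment below belongs in each of those places too. I would mark the contract on the dict, `# "desc" is inserted into the page as HTML by the grid; escape it here and keep "raw_name" plain`, and confirm that `h.escape` yields what the grid expects when the description is None (whether the column is nullable is not visible from the hunk). The enclosing loop starts and ends outside the hunk.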
--- a/kallithea/controllers/admin/user_groups.py Fri Apr 10 19:09:40 2015 +0200
+++ b/kallithea/controllers/admin/user_groups.py Sun Apr 12 14:46:25 2015 -0400
@@ -113,7 +113,7 @@
"raw_name": user_gr.users_group_name,
"group_name": user_group_name(user_gr.users_group_id, user_gr.users_group_name),
- "desc": user_gr.user_group_description,
+ "desc": h.escape(user_gr.user_group_description),
"members": len(user_gr.members),
"active": h.boolicon(user_gr.users_group_active),
"owner": h.person(user_gr.user.username),
--- a/kallithea/controllers/admin/users.py Fri Apr 10 19:09:40 2015 +0200
+++ b/kallithea/controllers/admin/users.py Sun Apr 12 14:46:25 2015 -0400
@@ -96,8 +96,8 @@
"gravatar": grav_tmpl % h.gravatar(user.email, size=20),
"raw_name": user.username,
"username": username(user.user_id, user.username),
- "firstname": user.name,
- "lastname": user.lastname,
+ "firstname": h.escape(user.name),
+ "lastname": h.escape(user.lastname),
"last_login": h.fmt_date(user.last_login),
"last_login_raw": datetime_to_time(user.last_login),
"active": h.boolicon(user.active),
--- a/kallithea/model/repo.py Fri Apr 10 19:09:40 2015 +0200
+++ b/kallithea/model/repo.py Sun Apr 12 14:46:25 2015 -0400
@@ -138,8 +138,8 @@
return json.dumps([
{
'id': u.user_id,
- 'fname': u.name,
- 'lname': u.lastname,
+ 'fname': h.escape(u.name),
+ 'lname': h.escape(u.lastname),
'nname': u.username,
'gravatar_lnk': h.gravatar_url(u.email, size=28),
'gravatar_size': 14,
@@ -210,9 +210,9 @@
def desc(desc):
if c.visual.stylify_metatags:
- return h.urlify_text(h.desc_stylize(h.truncate(desc, 60)))
+ return h.urlify_text(h.desc_stylize(h.escape(h.truncate(desc, 60))))
else:
- return h.urlify_text(h.truncate(desc, 60))
+ return h.urlify_text(h.escape(h.truncate(desc, 60)))
def state(repo_state):
return _render("repo_state", repo_state)
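Review bot: In the second hunk the `desc` helper now builds `h.escape(h.truncate(desc, 60))` in both branches, which differ only in the `h.desc_stylize` call; computing it once keeps the escape-before-stylize order, the property this fix rests on, in a single place: `escaped = h.escape(h.truncate(desc, 60))` followed by `return h.urlify_text(h.desc_stylize(escaped) if c.visual.stylify_metatags else escaped)`. The new order also assumes that `h.desc_stylize` and `h.urlify_text` accept already-escaped input and return markup that is not escaped again; neither is visible here, so a test feeding a description that contains `<script>` and a URL with `&` would pin both the escaping and the linkification. A short docstring on `desc` stating that it returns an HTML fragment safe to emit unescaped would help the next reader. `desc` appears to be nested in a function whose start and end lie outside the hunk.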
--- a/kallithea/templates/summary/summary.html Fri Apr 10 19:09:40 2015 +0200
+++ b/kallithea/templates/summary/summary.html Sun Apr 12 14:46:25 2015 -0400
@@ -85,9 +85,9 @@
<label>${_('Description')}:</label>
</div>
%if c.visual.stylify_metatags:
- <div class="input ${summary(c.show_stats)} desc">${h.urlify_text(h.desc_stylize(c.db_repo.description))}</div>
+ <div class="input ${summary(c.show_stats)} desc">${h.urlify_text(h.desc_stylize(h.escape(c.db_repo.description)))}</div>
%else:
- <div class="input ${summary(c.show_stats)} desc">${h.urlify_text(c.db_repo.description)}</div>
+ <div class="input ${summary(c.show_stats)} desc">${h.urlify_text(h.escape(c.db_repo.description))}</div>
%endif
</div>
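Review bot: The two changed `<div>` lines repeat the escape → stylize → urlify pipeline, including the branch on `c.visual.stylify_metatags`, that repo.py's `desc` helper now also builds, so the escaping order lives in two places and can drift the next time one of them is touched. A single helper taking the description and the flag (the template line would then be one `${...}` call, with the `%if` block removed) would keep the order, and the fix, in one place; the template variant renders the full description where the helper truncates to 60, so the helper would need a length parameter. The hunk does not show whether Mako's default filters escape `${...}` output here, so the correctness of these lines also depends on `h.urlify_text` returning markup that the template emits unescaped; a comment above the block, `## description is user-controlled: escape before stylize/urlify, which return markup`, would record that assumption.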