[bbb-greenlight: 4/18] Fix Cross-Site-Scripting Vulnerability (#2034)
- From: Bartłomiej Piotrowski <bpiotrowski src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [bbb-greenlight: 4/18] Fix Cross-Site-Scripting Vulnerability (#2034)
- Date: Fri, 18 Sep 2020 06:13:00 +0000 (UTC)
commit 503ca5280602d0fcd724bdf457286499d8c6d59c
Author: Lars Kiesow <lkiesow uos de>
Date: Mon Aug 24 20:32:14 2020 +0200
Fix Cross-Site-Scripting Vulnerability (#2034)
This patch fixes a cross-site-scripting vulnerability in Greenlight
which allowed users to inject code into Greenlight by adding scripts
into their names.
Co-authored-by: Ahmad Farhat <ahmad af farhat gmail com>
app/assets/javascripts/room.js | 23 ++++++++++++++++-------
1 file changed, 16 insertions(+), 7 deletions(-)
---
diff --git a/app/assets/javascripts/room.js b/app/assets/javascripts/room.js
index fd346c1..42f9157 100644
--- a/app/assets/javascripts/room.js
+++ b/app/assets/javascripts/room.js
@@ -122,11 +122,20 @@ $(document).on('turbolinks:load', function(){
listItem.setAttribute('class', 'list-group-item text-left not-saved add-access');
listItem.setAttribute("data-uid", uid)
- let spanItem = "<span class='avatar float-left mr-2'>" + option.text().charAt(0) + "</span> <span
class='shared-user'>" +
- option.text() + " <span class='text-muted'>" + option.data("subtext") + "</span></span>" +
- "<span class='text-primary float-right shared-user cursor-pointer'
onclick='removeSharedUser(this)'><i class='fas fa-times'></i></span>"
-
- listItem.innerHTML = spanItem
+ let spanItemAvatar = document.createElement("span"),
+ spanItemName = document.createElement("span"),
+ spanItemUser = document.createElement("span");
+ spanItemAvatar.setAttribute('class', 'avatar float-left mr-2');
+ spanItemAvatar.innerText = option.text().charAt(0);
+ spanItemName.setAttribute('class', 'shared-user');
+ spanItemName.innerText = option.text();
+ spanItemUser.setAttribute('class', 'text-muted');
+ spanItemUser.innerText = option.data('subtext');
+ spanItemName.append(spanItemUser);
+
+ listItem.innerHTML = "<span class='text-primary float-right shared-user cursor-pointer'
onclick='removeSharedUser(this)'><i class='fas fa-times'></i></span>"
+ listItem.prepend(spanItemName);
+ listItem.prepend(spanItemAvatar);
$("#user-list").append(listItem)
}
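Review bot: The remove button written on the `listItem.innerHTML = "<span class='text-primary ...` line still carries an inline `onclick='removeSharedUser(this)'`; that markup is static, so it is not injectable, but it keeps this page dependent on a Content-Security-Policy that permits inline script handlers, and building the span with createElement plus addEventListener would remove the last innerHTML write in the block. Two smaller points: `innerText` is layout-dependent, and `textContent` is the conventional setter for untrusted text on the three `innerText =` lines; and the separator spaces the old string placed between the avatar, the name and the subtext are no longer emitted, which presumably changes the rendered spacing slightly and is worth a visual check. The enclosing turbolinks:load handler starts before this hunk.
```javascript
// … unchanged: listItem creation, spanItemAvatar / spanItemName / spanItemUser construction …
let removeItem = document.createElement("span");
let removeIcon = document.createElement("i");
removeItem.setAttribute('class', 'text-primary float-right shared-user cursor-pointer');
removeIcon.setAttribute('class', 'fas fa-times');
removeItem.append(removeIcon);
// same call as the old inline onclick, without inline script
removeItem.addEventListener('click', function (event) { removeSharedUser(event.currentTarget); });
listItem.append(spanItemAvatar, spanItemName, removeItem);
$("#user-list").append(listItem)
```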
@@ -134,7 +143,7 @@ $(document).on('turbolinks:load', function(){
$("#presentation-upload").change(function(data) {
var file = data.target.files[0]
-
+
// Check file type and size to make sure they aren't over the limit
if (validFileUpload(file)) {
$("#presentation-upload-label").text(file.name)
@@ -327,4 +336,4 @@ function checkIfAutoJoin() {
$("#joiner-consent").click()
$("#room-join").click()
}
-}
\ No newline at end of file
+}