public-offering
/
pad.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #329 from cweider/security 

Security [HTML Escaping]
pull/333/head
Peter 'Pita' Martischka 2012-01-14 15:22:12 -08:00
parent ba180452e7 387dd4a48b
commit c45932c6b8
5 changed files with 24 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
node/utils/ExportHtml.js
View File

@ -292,7 +292,7 @@ function getHTMLFromAtext(pad, atext)
var url = urlData[1]; var url = urlData[1];
var urlLength = url.length; var urlLength = url.length;
processNextChars(startIndex - idx); processNextChars(startIndex - idx);
assem.append('<a href="' + url.replace(/\"/g, '&quot;') + '">'); assem.append('<a href="' + _escapeHTML(url) + '">');
processNextChars(urlLength); processNextChars(urlLength);
assem.append('</a>'); assem.append('</a>');
}); });
@ -429,14 +429,15 @@ exports.getPadHTMLDocument = function (padId, revNum, noDocType, callback)
function _escapeHTML(s) function _escapeHTML(s)
{ {
var re = /[&<>]/g; var re = /[&"<>]/g;
if (!re.MAP) if (!re.MAP)
{ {
// persisted across function calls! // persisted across function calls!
re.MAP = { re.MAP = {
'&': '&amp;', '&': '&amp;',
'"': '&quot;',
'<': '&lt;', '<': '&lt;',
'>': '&gt;', '>': '&gt;'
}; };
} }

9
static/js/ace2_common.js
View File

@ -142,7 +142,14 @@ function binarySearchInfinite(expectedLength, func)
function htmlPrettyEscape(str) function htmlPrettyEscape(str)
{ {
return str.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/\r?\n/g, '\\n'); return str.replace(/[&"<>]/g, function (c) {
return {
'&': '&amp;',
'"': '&quot;',
'<': '&lt;',
'>': '&gt;'
}[c] || c;
}).replace(/\r?\n/g, '\\n');
} }
if (typeof exports !== "undefined") if (typeof exports !== "undefined")

4
static/js/domline.js
View File

@ -162,7 +162,7 @@ domline.createDomLine = function(nonEmpty, doesWrap, optBrowser, optDocument)
{ {
href = "http://"+href; href = "http://"+href;
} }
extraOpenTags = extraOpenTags + '<a href="' + href.replace(/\"/g, '&quot;') + '">'; extraOpenTags = extraOpenTags + '<a href="' + domline.escapeHTML(href) + '">';
extraCloseTags = '</a>' + extraCloseTags; extraCloseTags = '</a>' + extraCloseTags;
} }
if (simpleTags) if (simpleTags)
@ -229,7 +229,7 @@ domline.escapeHTML = function(s)
'&': '&amp;', '&': '&amp;',
'<': '&lt;', '<': '&lt;',
'>': '&gt;', '>': '&gt;',
'"': '&#34;', '"': '&quot;',
"'": '&#39;' "'": '&#39;'
}; };
} }

2
static/js/domline_client.js
View File

@ -158,7 +158,7 @@ domline.createDomLine = function(nonEmpty, doesWrap, optBrowser, optDocument)
{ {
if (href) if (href)
{ {
extraOpenTags = extraOpenTags + '<a href="' + href.replace(/\"/g, '&quot;') + '">'; extraOpenTags = extraOpenTags + '<a href="' + domline.escapeHTML(href) + '">';
extraCloseTags = '</a>' + extraCloseTags; extraCloseTags = '</a>' + extraCloseTags;
} }
if (simpleTags) if (simpleTags)

11
static/js/pad_utils.js
View File

@ -23,7 +23,14 @@
var padutils = { var padutils = {
escapeHtml: function(x) escapeHtml: function(x)
{ {
return String(x).replace(/\</g, '&lt;').replace(/\>/g, '&gt;'); return String(x).replace(/[&"<>]/g, function (c) {
return {
'&': '&amp;',
'"': '&quot;',
'<': '&lt;',
'>': '&gt;'
}[c] || c;
});
}, },
uniqueId: function() uniqueId: function()
{ {
@ -180,7 +187,7 @@ var padutils = {
var startIndex = urls[j][0]; var startIndex = urls[j][0];
var href = urls[j][1]; var href = urls[j][1];
advanceTo(startIndex); advanceTo(startIndex);
pieces.push('<a ', (target ? 'target="' + target + '" ' : ''), 'href="', href.replace(/\"/g, '&quot;'), '">'); pieces.push('<a ', (target ? 'target="' + target + '" ' : ''), 'href="', padutils.escapeHtml(href), '">');
advanceTo(startIndex + href.length); advanceTo(startIndex + href.length);
pieces.push('</a>'); pieces.push('</a>');
} }