Commit c283f5e7 authored by Reed Loden's avatar Reed Loden

Bug 619637: (CVE-2010-4569) [SECURITY] XSS in user autocomplete due to lack of encoding by YUI

[r=mkanat r=dkl a=LpSolit]
parent fee4dfba
...@@ -661,6 +661,13 @@ function browserCanHideOptions(aSelect) { ...@@ -661,6 +661,13 @@ function browserCanHideOptions(aSelect) {
/* (end) option hiding code */ /* (end) option hiding code */
// A convenience function to sanitize raw text for harmful HTML before outputting
function _escapeHTML(text) {
return text.replace(/&/g, '&').
replace(/</g, '&lt;').
replace(/>/g, '&gt;');
}
/** /**
* The Autoselect * The Autoselect
*/ */
...@@ -686,7 +693,7 @@ YAHOO.bugzilla.userAutocomplete = { ...@@ -686,7 +693,7 @@ YAHOO.bugzilla.userAutocomplete = {
return stringified; return stringified;
}, },
resultListFormat : function(oResultData, enteredText, sResultMatch) { resultListFormat : function(oResultData, enteredText, sResultMatch) {
return ( oResultData.real_name + " (" + oResultData.email + ")"); return ( _escapeHTML(oResultData.real_name) + " (" + _escapeHTML(oResultData.email) + ")");
}, },
debug_helper : function ( ){ debug_helper : function ( ){
/* used to help debug any errors that might happen */ /* used to help debug any errors that might happen */
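Review bot: The first replacement in `_escapeHTML` is shown as `replace(/&/g, '&')`, which is a no-op, so ampersands would pass through unescaped and a real_name containing a literal `&lt;` would be emitted as that entity; if the page merely decoded `&amp;` to `&` this is a display artifact, otherwise the line should read `replace(/&/g, '&amp;').`. The helper also leaves `"` and `'` untouched, which is adequate for the text-node concatenation in resultListFormat but not for an attribute value, and the header comment should state that limit: `// Escapes &, < and > for use as HTML text content; quotes are not escaped, so do not use the result inside an attribute value.` If real_name or email can be absent in the RPC result (not visible here), `text.replace` would throw on undefined, and coercing first with `String(text == null ? '' : text)` would make the helper total. The enclosing YAHOO.bugzilla.userAutocomplete object starts and ends outside these hunks.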