Commit a9ca3846 authored by Richard Mansfield

More xss fixes

parent b5912c5e
......@@ -235,10 +235,10 @@ class ArtefactTypeBlog extends ArtefactType {
if (isset($options['viewid'])) {
$smarty->assign('artefacttitle', '<a href="' . get_config('wwwroot') . 'view/artefact.php?artefact='
. $this->get('id') . '&view=' . $options['viewid']
. '">' . $this->get('title') . '</a>');
. '">' . hsc($this->get('title')) . '</a>');
}
else {
$smarty->assign('artefacttitle', $this->get('title'));
$smarty->assign('artefacttitle', hsc($this->get('title')));
}
$smarty->assign('blockid', $blockid);
......@@ -246,7 +246,7 @@ class ArtefactTypeBlog extends ArtefactType {
$smarty->assign('enc_id', json_encode($this->id));
$smarty->assign('limit', self::pagination);
$smarty->assign('loading_img', theme_get_url('images/loading.gif'));
$smarty->assign('description', $this->get('description'));
$smarty->assign('description', clean_html($this->get('description')));
// Remove unnecessary options for blog posts
unset($options['hidetitle']);
......@@ -469,15 +469,15 @@ class ArtefactTypeBlogPost extends ArtefactType {
if (isset($options['viewid'])) {
$smarty->assign('artefacttitle', '<a href="' . get_config('wwwroot') . 'view/artefact.php?artefact='
. $this->get('id') . '&view=' . $options['viewid']
. '">' . $this->get('title') . '</a>');
. '">' . hsc($this->get('title')) . '</a>');
}
else {
$smarty->assign('artefacttitle', $this->get('title'));
$smarty->assign('artefacttitle', hsc($this->get('title')));
}
}
// We need to make sure that the images in the post have the right viewid associated with them
$postcontent = $this->get('description');
$postcontent = clean_html($this->get('description'));
if (isset($options['viewid'])) {
safe_require('artefact', 'file');
$postcontent = ArtefactTypeFolder::append_view_url($postcontent, $options['viewid']);
......@@ -612,6 +612,7 @@ class ArtefactTypeBlogPost extends ArtefactType {
foreach ($result as &$post) {
$post->ctime = format_date($post->ctime, 'strftimedaydatetime');
$post->mtime = format_date($post->mtime);
$post->description = clean_html($post->description);
}
}
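Review bot: In the `@@ -235` hunk the link text is now passed through hsc(), but `$options['viewid']` on the preceding line is still concatenated raw into the href attribute of the same string, and the `@@ -469` hunk repeats the pattern. Unless viewid is guaranteed to be an integer by the time it reaches here, it should be cast or escaped as well, e.g. `. $this->get('id') . '&amp;view=' . hsc($options['viewid'])`, which also replaces the bare `&` inside the attribute with `&amp;`. In the `@@ -612` hunk the loop iterates `$result as &$post`; if the enclosing function continues after the loop it should `unset($post);` so the dangling reference cannot alias the last element. The enclosing methods start and end outside these hunks.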
......@@ -11,7 +11,7 @@
{foreach from=$attachments item=item}
<tr class="r{cycle values=1,0}">
<td style="width: 22px;"><img src="{$item->iconpath|escape}" alt=""></td>
<td><a href="{$item->viewpath|escape}">{$item->title}</a> ({$item->size}) - <strong><a href="{$item->downloadpath|escape}">{str tag=Download section=artefact.file}</a></strong>
<td><a href="{$item->viewpath|escape}">{$item->title|escape}</a> ({$item->size}) - <strong><a href="{$item->downloadpath|escape}">{str tag=Download section=artefact.file}</a></strong>
<br><strong>{$item->description|escape}</strong></td>
</tr>
{/foreach}
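Review bot: `{$item->size}` on the changed line is still emitted without `|escape` while every other field in the row now is; if size is a display string formatted server-side this is harmless, but escaping it keeps the template uniformly safe, `({$item->size|escape})`. The foreach block is fully inside the hunk.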
......@@ -74,7 +74,7 @@ class PluginBlocktypeImage extends PluginBlocktype {
$description = (is_a($image, 'ArtefacttypeImage')) ? $image->get('description') : $image->get('title');
if (!empty($configdata['showdescription']) && $description) {
$result .= '<p>' . $description . '</p>';
$result .= '<p>' . hsc($description) . '</p>';
}
$result .= '</div>';
}
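Review bot: `hsc($description)` on the changed line treats the image description as plain text, whereas the same commit runs artefact descriptions through `clean_html()` in the blog code; if ArtefacttypeImage descriptions can hold markup as blog descriptions evidently do, this branch will now print the tags literally. Consider handling the two sources separately, `$result .= '<p>' . (is_a($image, 'ArtefacttypeImage') ? clean_html($description) : hsc($description)) . '</p>';`, or confirm that image descriptions are plain text and record it with a comment such as `// image description and title are plain text, so escaping (not sanitising) is correct`. The enclosing method starts and ends outside the hunk.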
<table>
{foreach from=$fields key='field' item='value'}
<tr>
<td>{$field}</td>
<td>{$value}</td>
<td>{$field|escape}</td>
<td>{$value|escape}</td>
</tr>
{/foreach}
</table>
......@@ -5,7 +5,7 @@
<h2>
<a href="{$WWWROOT}view/view.php?id={$viewid}">{$viewtitle|escape}</a>{if $ownername} {str tag=by section=view}
<a href="{$WWWROOT}{$ownerlink}">{$ownername|escape}</a>{/if}{foreach from=$artefactpath item=a}:
{if $a.url}<a href="{$a.url}">{/if}{$a.title}{if $a.url}</a>{/if}
{if $a.url}<a href="{$a.url}">{/if}{$a.title|escape}{if $a.url}</a>{/if}
{/foreach}
</h2>
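Review bot: On the changed line `{$a.title|escape}` is fixed but `{$a.url}` in the surrounding href attribute remains unescaped, unlike the `viewpath` and `downloadpath` attributes that are escaped elsewhere in this commit; use `<a href="{$a.url|escape}">` so a URL containing `"` or `&` cannot break out of the attribute. Whether `$a.url` is ever built from user-supplied values is not visible here, so this is defence in depth rather than a confirmed hole.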