Properly escape the foldername to avoid XSS issues
parent
a2a89e8720
commit
25dbd4849d
@ -3076,9 +3076,7 @@ function appendCalendar(folderName, folderPath) {
var colorBox = document.createElement("div");
var colorBox = document.createElement("div");
li.appendChild(colorBox);
li.appendChild(colorBox);
li.appendChild(document.createTextNode(folderName
li.appendChild(document.createTextNode(folderName));
.replace("<", "<", "g")
.replace(">", ">", "g")));
colorBox.appendChild(document.createTextNode("OO"));
colorBox.appendChild(document.createTextNode("OO"));
$(colorBox).addClassName("colorBox");
$(colorBox).addClassName("colorBox");
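Review bot: The new `li.appendChild(document.createTextNode(folderName));` is only correct if `folderName` arrives as raw, unescaped text, and the sibling change in onFolderSubscribeCB now calls `unescapeHTML()` precisely to meet that expectation, so the contract should be stated at this call site, e.g. `// folderName must be raw text: createTextNode escapes it itself; never pre-escape it or route it through innerHTML`. Without that comment the next caller is likely to pass an already-escaped string and display literal entities, or to reuse folderName in an innerHTML path and reintroduce the injection this commit closes. appendCalendar begins before this hunk, so whether folderName is used anywhere else in the function (a title attribute, an innerHTML assignment) cannot be checked from here.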
@ -3119,7 +3117,7 @@ function appendStyleElement(folderPath, color) {
function onFolderSubscribeCB(folderData) {
function onFolderSubscribeCB(folderData) {
var folder = $(folderData["folder"]);
var folder = $(folderData["folder"]);
if (!folder) {
if (!folder) {
appendCalendar(folderData["folderName"], folderData["folder"]);
appendCalendar(folderData["folderName"].unescapeHTML(), folderData["folder"]);
refreshEvents();
refreshEvents();
refreshTasks();
refreshTasks();
changeCalendarDisplay();
changeCalendarDisplay();
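Review bot: `folderData["folderName"].unescapeHTML()` hard-codes the assumption that this response field is always delivered HTML-escaped; if a raw name ever reaches this path, a folder literally named `a &amp; b` would be displayed as `a & b`, and any future unescape elsewhere in the chain would double-decode it. A comment naming the producer of the escaped value would make the round trip auditable, e.g. `// folderName is HTML-escaped in the subscribe response; appendCalendar expects raw text`, or, better, have the response carry the raw value and escape only at the points where it is inserted as markup. It is also worth confirming which Prototype release is bundled: the older implementations of `String#unescapeHTML` I know of worked by assigning the string to `innerHTML` on a detached element, which would have the browser parse the user-influenced value again, whereas later releases use plain entity replacement.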
@ -192,7 +192,11 @@ function addFolderBranchToTree(tree, user, folder, nodeId, subId, isLast) {
else
else
icon += 'calendar-folder-16x16.png';
icon += 'calendar-folder-16x16.png';
var folderId = user + ":" + folderInfos[1].substr(1);
var folderId = user + ":" + folderInfos[1].substr(1);
var name = folderInfos[0]; // name has the format "Folername (Firstname Lastname <email>)"
// name has the format "Foldername (Firstname Lastname <email>)"
// We sanitize the value to avoid XSS issues
var name = folderInfos[0].escapeHTML();
var pos = name.lastIndexOf(' (');
var pos = name.lastIndexOf(' (');
if (pos > -1)
if (pos > -1)
name = name.substring(0, pos); // strip the part with fullname and email
name = name.substring(0, pos); // strip the part with fullname and email
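Review bot: After `var name = folderInfos[0].escapeHTML();` the variable holds HTML markup rather than text, but the new comment calls this sanitizing and neither the name nor the comment records the encoding the value now carries; I would replace `// We sanitize the value to avoid XSS issues` with `// HTML-escaped: name is markup, safe only for insertion as element content, not for attribute values or text nodes`. That distinction matters because the Prototype `escapeHTML` I know of encodes only `&`, `<` and `>`, not quotes, so concatenating this value into an attribute string would still be injectable. Escaping before `lastIndexOf(' (')` is fine since the entities introduced contain no spaces or parentheses, and the stripped tail may contain `&lt;email&gt;` but is discarded. The remainder of addFolderBranchToTree, where `name` is consumed, lies outside the hunk, so the actual insertion method cannot be verified here.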