Author: brushed
Date: Fri Nov 14 13:03:21 2008
New Revision: 714139

URL: http://svn.apache.org/viewvc?rev=714139&view=rev
Log:
2.8.1-svn-12:        
        * [JSPWIKI-381] bug with periodically refreshed sneak-preview in 
combination with section-edit mode. 
        * [JSPWIKI-384] Filter js-scripts from input fields and cookies.(xss 
vulnerability)

Modified:
    incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/ChangeLog
    
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/Release.java
    
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/scripts/jspwiki-common.js
    
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/scripts/jspwiki-edit.js

Modified: incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/ChangeLog
URL: 
http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/ChangeLog?rev=714139&r1=714138&r2=714139&view=diff
==============================================================================
--- incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/ChangeLog (original)
+++ incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/ChangeLog Fri Nov 14 13:03:21 
2008
@@ -1,3 +1,15 @@
+2008-11-13  Dirk Frederickx <[EMAIL PROTECTED]>
+
+        * 2.8.1-svn-12
+        
+        * [JSPWIKI-381] fixed a bug with periodicially refreshed sneak-preview
+        while in section-edit mode. When section-edit was active,
+        linefeeds were inserted at every sneak-prev refresh.
+        
+        * [JSPWIKI-384] Filter js-scripts from input fields and cookies.
+        (xss vulnerability)
+        
+
 2008-11-06  Janne Jalkanen <[EMAIL PROTECTED]>
 
         * 2.8.1-svn-11

Modified: 
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/Release.java
URL: 
http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/Release.java?rev=714139&r1=714138&r2=714139&view=diff
==============================================================================
--- 
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/Release.java
 (original)
+++ 
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/Release.java
 Fri Nov 14 13:03:21 2008
@@ -77,7 +77,7 @@
      *  <p>
      *  If the build identifier is empty, it is not added.
      */
-    public static final String     BUILD         = "11";
+    public static final String     BUILD         = "12";
     
     /**
      *  This is the generic version string you should use

Modified: 
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/scripts/jspwiki-common.js
URL: 
http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/scripts/jspwiki-common.js?rev=714139&r1=714138&r2=714139&view=diff
==============================================================================
--- 
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/scripts/jspwiki-common.js
 (original)
+++ 
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/scripts/jspwiki-common.js
 Fri Nov 14 13:03:21 2008
@@ -64,7 +64,13 @@
        trunc: function(size,elips){
                if( !elips ) elips="...";
                return (this.length<size) ? this : this.substring(0,size)+elips;
-       }
+       },
+       stripScripts: function(){
+               var text = this.replace(/<script[^>]*>([\s\S]*?)<\/script>/gi, 
function(){
+                     return '';
+               });
+               return text;
+  },
 })
 
 // get text of a dhtml node
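Review bot: stripScripts removes only `<script>…</script>` blocks, yet the values it is applied to later reach `setHTML` (the progress bar in the next hunk) and Element construction, where any other markup that survives the regex is still interpreted as HTML; the dependable defence at those sinks is to insert the value as text or HTML-escape it rather than strip one tag pattern from it. The helper itself can be written without the callback and capture group, `stripScripts: function(){ return this.replace(/<script[^>]*>[\s\S]*?<\/script>/gi, ''); },`, and the closing `},` on the last added line is indented differently from its siblings. A one-line comment such as `// best-effort removal of <script> blocks; not an HTML escaper` would tell callers what it does not guarantee. The String extension this is added to begins outside the hunk.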
@@ -376,6 +382,7 @@
                $('progressbar').setStyle('visibility','visible');
                this.progressbar =
                Wiki.jsonrpc.periodical(1000, this, 
["progressTracker.getProgress",[progress],function(result){
+                       result = result.stripScripts(); //xss vulnerability
                        if(!result.code) 
$('progressbar').getFirst().setStyle('width',result+'%').setHTML(result+'%');
                }]);
 
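Review bot: `result.stripScripts()` is called before `result.code` is inspected, so if the RPC returns an error object (the shape the `if(!result.code)` check on the next line anticipates) or a numeric progress value, the call throws a TypeError because stripScripts exists only on String.prototype, and the periodical callback dies instead of reporting. Guard first and coerce: `if(result.code) return;` followed by `result = String(result).stripScripts();`. Since the percentage is then written with `setHTML`, writing it with a text-setting call instead would remove the need to strip here at all. The enclosing function begins outside the hunk.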
@@ -828,6 +835,8 @@
 
                        var ul = new 
Element('ul',{'id':'recentItems'}).inject($('recentSearches').show());
                        this.recent.each(function(el){
+                               // xss vulnerability JSPWIKI-384
+                               el = el.stripScripts();                         
                                new Element('a',{
                                        'href':'#', 
                                        'events': {'click':function(){ q.value 
= el; q.form.submit(); }}
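Review bot: Stripping `el` here protects only the part of the flow visible in the hunk: `q.value = el` in the click handler writes into a form field, where markup cannot execute, while the place the recent item is rendered into the `<a>` element lies outside the hunk and is where the text/HTML distinction matters. If that rendering uses `setHTML` it should switch to text insertion; if it already inserts text the strip is redundant. The added assignment line also carries trailing whitespace. The commit message says these values come from a cookie; if the code that loads `this.recent` confirms that, a comment such as `// recent searches are restored from a cookie and treated as untrusted` would explain why stripping happens at all.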
@@ -898,7 +907,7 @@
        },
 
        submit: function(){ 
-               var v = this.query.value;
+               var v = this.query.value.stripScripts(); //xss vulnerability
                if( v == this.query.defaultValue) this.query.value = '';
                if( !this.recent ) this.recent=[];
                if( !this.recent.test(v) ){
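Review bot: Stripping the submitted query in `submit` (and likewise in `ajaxQuickSearch` in the next hunk) silently alters what the user searched for, and it is not where the injection risk lives: the string goes into `this.recent` and to the server, and only the later rendering of recent items and search results as HTML needs an escape. Keeping `var v = this.query.value;` and escaping at the rendering sinks would both preserve the search term and cover markup other than `<script>`. If the strip stays, a comment saying why the query itself is modified, `// stripped here because it is stored in the recent-searches cookie`, would help the next reader; the enclosing object literal continues outside the hunk.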
@@ -915,7 +924,7 @@
        },
 
        ajaxQuickSearch: function(){
-               var qv = this.query.value ;
+               var qv = this.query.value.stripScripts() ;
                if( (qv==null) || (qv.trim()=="") || 
(qv==this.query.defaultValue) ) {
                        $('searchOutput').empty();
                        return;
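Review bot: After `.stripScripts()` is applied on the changed line, the `(qv==null)` test on the following line can no longer be reached: a null `this.query.value` would already have thrown a TypeError in the method call. Either drop the null branch or guard before stripping, `var qv = this.query.value; if(qv==null) { $('searchOutput').empty(); return; } qv = qv.stripScripts();`. The concern raised on `submit` about altering the user's query applies here as well; the enclosing method continues outside the hunk.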
@@ -1622,7 +1631,7 @@
                if( !q && 
document.referrer.test("(?:\\?|&)(?:q|query)=([^&]*)","g") ) q = RegExp.$1;
                if( !q ) return;
 
-               var words = decodeURIComponent(q);
+               var words = decodeURIComponent(q).stripScripts(); //xss 
vulnerability
                words = words.replace( /\+/g, " " );
                words = words.replace( /\s+-\S+/g, "" );
                words = words.replace( /([\(\[\{\\\^\$\|\)\?\*\.\+])/g, "\\$1" 
); //escape metachars
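Review bot: `decodeURIComponent(q)` on the changed line throws a URIError on malformed percent-encoding, and `q` is taken from `document.referrer` just above, which the page does not control; the change appends `.stripScripts()` but leaves that failure unhandled, so a bad referrer aborts the highlighting routine. Wrap the decode, `try { var words = decodeURIComponent(q).stripScripts(); } catch(e) { return; }`. The words are then regex-escaped for matching; whether stripping is needed depends on how the matched text is written back into the page, which is outside the hunk.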

Modified: 
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/scripts/jspwiki-edit.js
URL: 
http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/scripts/jspwiki-edit.js?rev=714139&r1=714138&r2=714139&view=diff
==============================================================================
--- 
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/scripts/jspwiki-edit.js
 (original)
+++ 
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/scripts/jspwiki-edit.js
 Fri Nov 14 13:03:21 2008
@@ -652,14 +652,14 @@
                var     ta = this.textarea,     ma = this.mainarea;
 
                if(ta.value == this.cacheTextarea) return;
-               this.cacheTextarea=ta.value;
+               this.cacheTextarea = ta.value;
 
                if( this.sections ){
-                       var     s = ta.value;
-                       if( s.lastIndexOf("\n") + 1 != s.length ) ta.value += 
'\n';
-
-                       s = ma.value;
-                       ma.value = s.substring(0, ta.begin) + ta.value + 
s.substring(ta.end);
+                       var     s = ma.value,
+                               //insert \n to ensure the next line's !!!header 
remains at column 0.
+                               addNewLine = ((ta.value.slice(-1) != '\n')  && 
(s.charAt(ta.end) =='!')) ? '\n' : '';
+                       
+                       ma.value = s.substring(0, ta.begin) + ta.value + 
addNewLine + s.substring(ta.end);
                        ta.end = ta.begin + ta.value.length;
                        this.onSectionLoad();  //refresh section-edit menu
                }               
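Review bot: The comma-chained `var s = ma.value, addNewLine = …` with a comment wedged between the declarators on the added lines is hard to scan; two statements, `var s = ma.value;` and `var addNewLine = …;` with the comment above the second, read more clearly. The `'!'` test encodes the assumption that a following section always starts with a header marker, which the comment should state outright, e.g. `// JSPWiki headers start with '!'; keep the next section's header at column 0`. `ta.end` is not advanced past the inserted newline, which appears to be what stops it from being re-inserted on the next refresh — worth a comment if that reading is right. The enclosing function begins and ends outside the hunk.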

