Changed by [EMAIL PROTECTED] http://bugzilla.ximian.com/show_bug.cgi?id=78948 --- shadow/78948 2006-07-25 14:53:32.000000000 -0400 +++ shadow/78948.tmp.16512 2006-07-25 14:53:32.000000000 -0400 
@@ -0,0 +1,69 @@ +Bug#: 78948 +Product: Mono: Class Libraries +Version: 1.1 +OS: +OS Details: +Status: NEW +Resolution: +Severity: +Priority: Normal +Component: Sys.Web +AssignedTo: [EMAIL PROTECTED] +ReportedBy: [EMAIL PROTECTED] +QAContact: [EMAIL PROTECTED] +TargetMilestone: --- +URL: +Cc: +Summary: [PATCH] HtmlTextArea.Value should be encoded, even under 1.0 + +Description of Problem: + +The HtmlTextArea renders its Value property verbatim instead of +HTML-encoding it. This is inconsistent with ASP.NET 1.1.4322.2300 and +opens up Mono-based sites to script injection attacks. This bug was +previously fixe for the 2.0 profile (see bug 78074), but seems to have been +intentionally left in for the 1.0 profile. I've tested the behavior of +ASP.NET 1.1 and confirmed that it does not have this bug (i.e. it *does* +HTML-encode the value). + +Steps to reproduce the problem: +1. View the following aspx page under the 1.0 profile: + +<%@ language="c#" %> +<html> +<script runat="server"> + void Page_Load (object sender, EventArgs e) + { + //myTA.InnerText = "Hi there!\nCool!"; + myTA.Value = "<hola>something</hola>"; + } +</script> +<head> +<title>HtmlTextArea</title> +</head> +<body> +<form runat="server"> +<textarea id="myTA" cols=25 rows=5 runat="server" /> +</form> +</body> +</html> + +2. View the HTML source that is rendered. + +Actual Results: + +<textarea name="myTA" id="myTA" cols="25" +rows="5"><hola>something</hola></textarea> + +Expected Results: + +<textarea name="myTA" id="myTA" cols="25" +rows="5"><hola>something<:/hola></textarea> + +How often does this happen? + +Everytime. + +Additional Information: + +I'll attach the obvious patch. _______________________________________________ mono-bugs maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-bugs
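Review bot: the "Expected Results" block in this hunk does not actually show the encoded output it is meant to contrast with "Actual Results": the two differ only by a stray `:` in `<:/hola>`, so as written the report reads as if nothing should change. For `myTA.Value = "<hola>something</hola>"` the expected rendering is the textarea body with the angle brackets HTML-encoded, i.e. `&lt;hola&gt;something&lt;/hola&gt;`, which is the ASP.NET 1.1.4322.2300 behaviour the description says was verified; the entities were most likely decoded when the mail was rendered, so the expected block should be re-entered with the entities intact. Two smaller points: `fixe` in the description should read `fixed`, and the "obvious patch" mentioned under Additional Information is not included in this report, so the fix itself (presumably the same encoding applied for the 2.0 profile in bug 78074, extended to the 1.0 profile) cannot be reviewed here; the risk is stated correctly, since rendering a user-supplied Value verbatim inside `<textarea>` lets a `</textarea>` in the value close the element and inject markup.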
