Re: Issue 3272 in reviewboard: exception running devserver: TypeError: __init__() got an unexpected keyword argument 'detailed_label_html'
Comment #6 on issue 3272 by chip...@gmail.com: exception running devserver: TypeError: __init__() got an unexpected keyword argument 'detailed_label_html' http://code.google.com/p/reviewboard/issues/detail?id=3272 Okay, sorry. I think I know what was going on here. The version number didn't get bumped post-release, which may have messed with the dependency on Review Board, and caused it to end up pulling down the released Djblets instead of the one in the source directory. At least, this just happened to a student of ours. I've fixed that, so give it another try. -- You received this message because this project is configured to send all issue notifications to this address. You may adjust your notification preferences at: https://code.google.com/hosting/settings -- You received this message because you are subscribed to the Google Groups reviewboard-issues group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard-issues+unsubscr...@googlegroups.com. To post to this group, send email to reviewboard-issues@googlegroups.com. Visit this group at http://groups.google.com/group/reviewboard-issues. For more options, visit https://groups.google.com/groups/opt_out.
Issue 3274 in reviewboard: xss in autocomplete
Status: New Owner: Labels: Type-Defect Priority-Medium New issue 3274 by uchida...@gmail.com: xss in autocomplete http://code.google.com/p/reviewboard/issues/detail?id=3274 *** READ THIS BEFORE POSTING! *** *** You must complete this form in its entirety, or your bug report will be rejected. *** *** For customer support, please post to reviewbo...@googlegroups.com *** *** If you have a patch, please submit it to http://reviews.reviewboard.org/ *** *** Do not post confidential information in this bug report! What version are you running? 2.0 beta 4 (dev) What's the URL of the page containing the problem? https://reviews.reviewboard.org/dashboard/ What steps will reproduce the problem? 1. login to reviewboard. 2. enter uchi in the search box in the upper right. 3. script error What is the expected output? What do you see instead? What operating system are you using? What browser? Firefox30 Please provide any additional information below. This is XSS vulnerabilities. It be caused by ui.autocomplete be output without html escape. It will fix by this patch. (Sorry, I did not understand how to submit patch for reviewboard) Index: reviewboard/htdocs/media/rb/js/ui.autocomplete.js === diff --git a/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js b/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js --- a/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js (revision 2200) +++ b/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js (working copy) @@ -424,7 +424,7 @@ multiple: false, multipleSeparator: , , highlight: function(value, term) { - return value.replace(new RegExp((?![^;]+;)(?![^]*)( + term.replace(/([\^\$\(\)\[\]\{\}\*\.\+\?\|\\])/gi, \\$1) + )(?![^]*)(?![^;]+;), gi), strong$1/strong); + return $('div').text(value).html().replace(new RegExp((?![^;]+;)(?![^]*)( + $('div').text(term).html().replace(/([\^\$\(\)\[\]\{\}\*\.\+\?\| \\])/gi, \\$1) + )(?![^]*)(?![^;]+;), gi), strong$1/strong); }, scroll: true, scrollHeight: 180 -- You received this message because this project is configured to send all issue notifications to this address. You may adjust your notification preferences at: https://code.google.com/hosting/settings -- You received this message because you are subscribed to the Google Groups reviewboard-issues group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard-issues+unsubscr...@googlegroups.com. To post to this group, send email to reviewboard-issues@googlegroups.com. Visit this group at http://groups.google.com/group/reviewboard-issues. For more options, visit https://groups.google.com/groups/opt_out.
Re: Issue 3274 in reviewboard: xss in autocomplete
Comment #1 on issue 3274 by uchida...@gmail.com: xss in autocomplete http://code.google.com/p/reviewboard/issues/detail?id=3274 A mistake. Do not need to be escaped term. Index: reviewboard/htdocs/media/rb/js/ui.autocomplete.js === diff --git a/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js b/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js --- a/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js (revision 2200) +++ b/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js (working copy) @@ -424,7 +424,7 @@ multiple: false, multipleSeparator: , , highlight: function(value, term) { - return value.replace(new RegExp((?![^;]+;)(?![^]*)( + term.replace(/([\^\$\(\)\[\]\{\}\*\.\+\?\|\\])/gi, \\$1) + )(?![^]*)(?![^;]+;), gi), strong$1/strong); + return $('div').text(value).html().replace(new RegExp((?![^;]+;)(?![^]*)( + term.replace(/([\^\$\(\)\[\]\{\}\*\.\+\?\|\\])/gi, \\$1) + )(?![^]*)(?![^;]+;), gi), strong$1/strong); }, scroll: true, scrollHeight: 180 -- You received this message because this project is configured to send all issue notifications to this address. You may adjust your notification preferences at: https://code.google.com/hosting/settings -- You received this message because you are subscribed to the Google Groups reviewboard-issues group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard-issues+unsubscr...@googlegroups.com. To post to this group, send email to reviewboard-issues@googlegroups.com. Visit this group at http://groups.google.com/group/reviewboard-issues. For more options, visit https://groups.google.com/groups/opt_out.
Re: Issue 3274 in reviewboard: xss in autocomplete
Updates: Status: NeedInfo Comment #2 on issue 3274 by chip...@gmail.com: xss in autocomplete http://code.google.com/p/reviewboard/issues/detail?id=3274 Thanks. In the future, please submit XSS vulnerabilities to secur...@reviewboard.org. We'd also appreciate the patch being posted to https://reviews.reviewboard.org. I also don't understand your repro case. How does uchi cause any sort of issue? -- You received this message because this project is configured to send all issue notifications to this address. You may adjust your notification preferences at: https://code.google.com/hosting/settings -- You received this message because you are subscribed to the Google Groups reviewboard-issues group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard-issues+unsubscr...@googlegroups.com. To post to this group, send email to reviewboard-issues@googlegroups.com. Visit this group at http://groups.google.com/group/reviewboard-issues. For more options, visit https://groups.google.com/groups/opt_out.
Re: Issue 3274 in reviewboard: xss in autocomplete
Comment #3 on issue 3274 by uchida...@gmail.com: xss in autocomplete http://code.google.com/p/reviewboard/issues/detail?id=3274 I also don't understand your repro case. How does uchi cause any sort of issue? I input scriptalert('uchida')/scrip to First name in my Profile. If you type uchi in this state, my First name output HTML without html escape. -- You received this message because this project is configured to send all issue notifications to this address. You may adjust your notification preferences at: https://code.google.com/hosting/settings -- You received this message because you are subscribed to the Google Groups reviewboard-issues group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard-issues+unsubscr...@googlegroups.com. To post to this group, send email to reviewboard-issues@googlegroups.com. Visit this group at http://groups.google.com/group/reviewboard-issues. For more options, visit https://groups.google.com/groups/opt_out.
Re: Issue 3274 in reviewboard: xss in autocomplete
Comment #4 on issue 3274 by uchida...@gmail.com: xss in autocomplete http://code.google.com/p/reviewboard/issues/detail?id=3274 We'd also appreciate the patch being posted to https://reviews.reviewboard.org. Is this right? https://reviews.reviewboard.org/r/5570/ -- You received this message because this project is configured to send all issue notifications to this address. You may adjust your notification preferences at: https://code.google.com/hosting/settings -- You received this message because you are subscribed to the Google Groups reviewboard-issues group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard-issues+unsubscr...@googlegroups.com. To post to this group, send email to reviewboard-issues@googlegroups.com. Visit this group at http://groups.google.com/group/reviewboard-issues. For more options, visit https://groups.google.com/groups/opt_out.