Re: Issue 3272 in reviewboard: exception running devserver: TypeError: __init__() got an unexpected keyword argument 'detailed_label_html'

2014-03-02 Thread reviewboard


Comment #6 on issue 3272 by chip...@gmail.com: exception running devserver: TypeError: __init__() got an unexpected keyword argument 'detailed_label_html'

http://code.google.com/p/reviewboard/issues/detail?id=3272

Okay, sorry. I think I know what was going on here. The version number didn't get bumped post-release, which may have messed with the dependency on Review Board, and caused it to end up pulling down the released Djblets instead of the one in the source directory. At least, this just happened to a student of ours.


I've fixed that, so give it another try.

--
You received this message because this project is configured to send all  
issue notifications to this address.

You may adjust your notification preferences at:
https://code.google.com/hosting/settings

--
You received this message because you are subscribed to the Google Groups 
reviewboard-issues group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to reviewboard-issues+unsubscr...@googlegroups.com.
To post to this group, send email to reviewboard-issues@googlegroups.com.
Visit this group at http://groups.google.com/group/reviewboard-issues.
For more options, visit https://groups.google.com/groups/opt_out.


Issue 3274 in reviewboard: xss in autocomplete

2014-03-02 Thread reviewboard

Status: New
Owner: 
Labels: Type-Defect Priority-Medium

New issue 3274 by uchida...@gmail.com: xss in autocomplete
http://code.google.com/p/reviewboard/issues/detail?id=3274

*** READ THIS BEFORE POSTING! ***
*** You must complete this form in its entirety, or your bug report will be rejected. ***
*** For customer support, please post to reviewbo...@googlegroups.com ***
*** If you have a patch, please submit it to http://reviews.reviewboard.org/ ***
*** Do not post confidential information in this bug report!


What version are you running?
 2.0 beta 4 (dev)

What's the URL of the page containing the problem?
 https://reviews.reviewboard.org/dashboard/

What steps will reproduce the problem?
1. login to reviewboard.
2. enter uchi in the search box in the upper right.
3. script error

What is the expected output? What do you see instead?


What operating system are you using? What browser?
 Firefox 30

Please provide any additional information below.

This is an XSS vulnerability. It is caused by ui.autocomplete output being written without HTML escaping.
It will be fixed by this patch. (Sorry, I did not understand how to submit a patch for Review Board.)



Index: reviewboard/htdocs/media/rb/js/ui.autocomplete.js
===
diff --git a/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js  
b/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js
--- a/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js	(revision  
2200)

+++ b/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js   (working copy)
@@ -424,7 +424,7 @@
multiple: false,
multipleSeparator: , ,
highlight: function(value, term) {
-			return value.replace(new RegExp((?![^;]+;)(?![^]*)( +  
term.replace(/([\^\$\(\)\[\]\{\}\*\.\+\?\|\\])/gi, \\$1)  
+ )(?![^]*)(?![^;]+;), gi), strong$1/strong);
+			return $('div').text(value).html().replace(new  
RegExp((?![^;]+;)(?![^]*)( +  
$('div').text(term).html().replace(/([\^\$\(\)\[\]\{\}\*\.\+\?\| 
\\])/gi, \\$1) + )(?![^]*)(?![^;]+;), gi), strong$1/strong);

},
scroll: true,
scrollHeight: 180
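Review bot: the `+` line HTML-escapes `term` as well as `value` (`$('div').text(term).html()`), but `term` only feeds the RegExp and never reaches the DOM, so escaping it adds no safety; the injected output is the escaped `value`, and that alone is what needs `.text().html()` treatment. Separately, `$('div')` as shown is a selector for every existing `div` on the page, and `.text(value)` would overwrite their contents on each keystroke; if the angle brackets were lost in the archive (as they were from `strong$1/strong`), a detached element `$('<div>')` is what the escape-via-text trick needs.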




Re: Issue 3274 in reviewboard: xss in autocomplete

2014-03-02 Thread reviewboard


Comment #1 on issue 3274 by uchida...@gmail.com: xss in autocomplete
http://code.google.com/p/reviewboard/issues/detail?id=3274

A mistake. The term does not need to be escaped.


Index: reviewboard/htdocs/media/rb/js/ui.autocomplete.js
===
diff --git a/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js  
b/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js
--- a/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js	(revision  
2200)

+++ b/trunk/reviewboard/htdocs/media/rb/js/ui.autocomplete.js   (working copy)
@@ -424,7 +424,7 @@
multiple: false,
multipleSeparator: , ,
highlight: function(value, term) {
-			return value.replace(new RegExp((?![^;]+;)(?![^]*)( +  
term.replace(/([\^\$\(\)\[\]\{\}\*\.\+\?\|\\])/gi, \\$1)  
+ )(?![^]*)(?![^;]+;), gi), strong$1/strong);
+			return $('div').text(value).html().replace(new  
RegExp((?![^;]+;)(?![^]*)( +  
term.replace(/([\^\$\(\)\[\]\{\}\*\.\+\?\|\\])/gi, \\$1)  
+ )(?![^]*)(?![^;]+;), gi), strong$1/strong);

},
scroll: true,
scrollHeight: 180
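Review bot: with `value` entity-escaped before the replace, the `(?![^;]+;)` lookaheads are what stop a short term from being highlighted inside an `&amp;`-style entity that the escaping just produced, so the order (escape first, then match) matters and deserves a one-line comment above the `return`. As in the first patch, `$('div')` as written selects every existing `div` in the document rather than creating one; confirm the intended `$('<div>')` survived into the submitted change.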


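The highlight callback that the two patches above rewrite, as an added example that is not Review Board's or the reporter's code: plain Node.js functions in which escapeHtml stands in for jQuery's $('<div>').text(value).html(), shown in the original (unescaped) and patched forms with the plugin's entity and tag lookaheads restored.

```javascript
// Added example, not Review Board code. The autocomplete "highlight" callback
// discussed in the thread, before and after the fix.

// Stand-in for $('<div>').text(v).html(): a text node serialises with only
// &, < and > escaped, which is all that is needed inside element content.
function escapeHtml(s) {
  return String(s).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
}

// Regex-escape the typed search term so it is matched literally.
function escapeRegExp(term) {
  return term.replace(/([\^\$\(\)\[\]\{\}\*\.\+\?\|\\])/gi, '\\$1');
}

// The plugin's pattern: the lookaheads refuse a match that would land inside
// an entity (&amp;) or inside a tag, so the inserted <strong> cannot split one.
function highlightPattern(term) {
  return new RegExp(
    '(?![^&;]+;)(?!<[^<>]*)(' + escapeRegExp(term) + ')(?![^<>]*>)(?![^&;]+;)',
    'gi'
  );
}

// Before: value (a user's first name) is treated as trusted HTML, so any
// markup stored in the profile is injected verbatim into the suggestion list.
function highlightUnsafe(value, term) {
  return value.replace(highlightPattern(term), '<strong>$1</strong>');
}

// After (the shape of the submitted patch): escape value first, then wrap the
// term. The <strong> added here is the only markup left in the result.
function highlightSafe(value, term) {
  return escapeHtml(value).replace(highlightPattern(term), '<strong>$1</strong>');
}

// Constructed sample: a profile name carrying markup, as in the report.
const SAMPLE_NAME = '<b>uchida</b> Uchida';
console.log(highlightUnsafe(SAMPLE_NAME, 'uchi')); // <b> survives as a tag
console.log(highlightSafe(SAMPLE_NAME, 'uchi'));   // <b> becomes &lt;b&gt;
```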


Re: Issue 3274 in reviewboard: xss in autocomplete

2014-03-02 Thread reviewboard

Updates:
Status: NeedInfo

Comment #2 on issue 3274 by chip...@gmail.com: xss in autocomplete
http://code.google.com/p/reviewboard/issues/detail?id=3274

Thanks. In the future, please submit XSS vulnerabilities to  
secur...@reviewboard.org.


We'd also appreciate the patch being posted to  
https://reviews.reviewboard.org.


I also don't understand your repro case. How does uchi cause any sort of  
issue?




Re: Issue 3274 in reviewboard: xss in autocomplete

2014-03-02 Thread reviewboard


Comment #3 on issue 3274 by uchida...@gmail.com: xss in autocomplete
http://code.google.com/p/reviewboard/issues/detail?id=3274

> I also don't understand your repro case. How does uchi cause any sort of issue?


I input scriptalert('uchida')/scrip into the First name field of my Profile.
If you type uchi in this state, my First name is output as HTML without HTML escaping.




Re: Issue 3274 in reviewboard: xss in autocomplete

2014-03-02 Thread reviewboard


Comment #4 on issue 3274 by uchida...@gmail.com: xss in autocomplete
http://code.google.com/p/reviewboard/issues/detail?id=3274

> We'd also appreciate the patch being posted to https://reviews.reviewboard.org.


Is this right?
https://reviews.reviewboard.org/r/5570/
