#5779: api.cakephp.org search input not properly escaped
-----------------------------+----------------------------------------------
    Reporter:  davidpersson  |          Type:  Bug          
      Status:  new           |      Priority:  High         
   Milestone:                |     Component:  Documentation
     Version:                |      Severity:  Critical     
    Keywords:                |   Php_version:  n/a          
Cake_version:                |  
-----------------------------+----------------------------------------------
 When using the search input field, double quotes are not being escaped.
 This allows for arbitrary inclusion of HTML and JS.
 [[BR]]
 [[BR]]
 '''Input''' [[BR]]
 {{{" <img src="http://www.cakephp.org/img/cake-logo.png"; />}}}


 '''Link''' [[BR]]
 {{{http://api.cakephp.org/search.php?query="+<img+src%3D"http%3A%2F%2Fwww.cakephp.org%2Fimg%2Fcake-logo.png"+%2F>}}}


 '''Input''' [[BR]]
 {{{" <script type="text/javascript">alert('Oh no');</script>}}}
 [[BR]]
 [[BR]]


 '''Link''' [[BR]]
 {{{http://api.cakephp.org/search.php?query=%22+%3Cscript+type%3D%22text%2Fjavascript%22%3Ealert(%27Oh+no%27)%3B%3C%2Fscript%3E}}}
 [[BR]]
 [[BR]]
 This seems to be a doxygen bug which hasn't (as far as I can see) been
 reported yet.

-- 
Ticket URL: <https://trac.cakephp.org/ticket/5779>
CakePHP : The Rapid Development Framework for PHP <https://trac.cakephp.org/>
Cake is a rapid development framework for PHP which uses commonly known design 
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. 
Our primary goal is to provide a structured framework that enables PHP users at 
all levels to rapidly develop robust web applications, without any loss to 
flexibility.
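Added illustration, not doxygen's or api.cakephp.org's code: a minimal PHP search page in the vulnerable shape the ticket describes, beside an escaped version, run against the ticket's second probe. The function and variable names are the example's own.

```php
<?php
// Added example, not code from doxygen or api.cakephp.org: a minimal search page in
// the shape the ticket describes. render_unsafe() reflects the query verbatim (the bug);
// render_safe() escapes it with htmlspecialchars() and ENT_QUOTES so that double quotes,
// single quotes and angle brackets are encoded before they reach an attribute or text node.
declare(strict_types=1);

// Vulnerable: a query that starts with " closes the value attribute, and whatever
// follows is parsed as markup, including <script> or <img> elements.
function render_unsafe(string $query): string
{
    return '<input type="text" name="query" value="' . $query . '"/>' . "\n"
         . '<p>Results for: ' . $query . '</p>' . "\n";
}

// Hardened: encode &, <, >, " and ' on every output path; an encoded value cannot
// terminate the attribute or open a new element.
function escape_html(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function render_safe(string $query): string
{
    $escaped = escape_html($query);
    return '<input type="text" name="query" value="' . $escaped . '"/>' . "\n"
         . '<p>Results for: ' . $escaped . '</p>' . "\n";
}

// Returns true when the rendered page contains an element with the given tag name;
// the template itself only ever emits <input> and <p>.
function has_injected_element(string $html, string $tag): bool
{
    return stripos($html, '<' . $tag) !== false;
}

// Self-check with the ticket's second probe, decoded the way PHP decodes $_GET
// ('+' becomes a space, %xx sequences become bytes).
$probe = urldecode('%22+%3Cscript+type%3D%22text%2Fjavascript%22%3Ealert(%27Oh+no%27)%3B%3C%2Fscript%3E');

printf("unsafe page contains <script>: %s\n", has_injected_element(render_unsafe($probe), 'script') ? 'yes' : 'no');
printf("safe page contains <script>:   %s\n", has_injected_element(render_safe($probe), 'script') ? 'yes' : 'no');
echo render_safe($probe);
```

The same escaping has to be applied wherever the query is echoed, including the results heading and any "no results for ..." message, not only the input field.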