pixeldrain/fnx_web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix XSS vulnerability on the viewer page

Browse Source
This commit is contained in:
Wim Brand
2017-12-04 22:00:25 +01:00
parent 5e81e945d3
commit 837fc8859b
3 changed files with 16 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
res/static/res/script/DetailsWindow.js
View File

@@ -11,13 +11,13 @@ var DetailsWindow = {
},
setDetails: function (file) {
var fileInfo = "<table>"
+ "<tr><td>Name<td><td>" + file.file_name + "</td></tr>"
+ "<tr><td>Name<td><td>" + escapeHTML(file.file_name) + "</td></tr>"
+ "<tr><td>Url<td><td><a href=\"/u/" + file.id + "\">Open</a></td></tr>"
+ "<tr><td>Mime Type<td><td>" + file.mime + "</td></tr>"
+ "<tr><td>Mime Type<td><td>" + escapeHTML(file.mime) + "</td></tr>"
+ "<tr><td>Id<td><td>" + file.id + "</td></tr>"
+ "<tr><td>Size<td><td class=\"bytecounter\">" + file.file_size + "</td></tr>"
+ "<tr><td>Upload Date<td><td>" + file.date_upload + "</td></tr>"
+ "<tr><td>Description<td><td>" + file.desc + "</td></tr>"
+ "<tr><td>Description<td><td>" + escapeHTML(file.desc) + "</td></tr>"
+ "</table>";
$("#info-fileDetails").html(fileInfo);
}

6
res/static/res/script/ListNavigator.js
View File

@@ -127,9 +127,9 @@ var ListNavigator = {
var thumb = this.data[i].thumbnail;
var name = this.data[i].file_name;
var itemHtml = name + "<br>"
var itemHtml = escapeHTML(name) + "<br>"
+ "<img src=\"" + thumb + "\" "
+ "class=\"listItemThumbnail lazy\" alt=\"" + name + "\"/>";
+ "class=\"listItemThumbnail lazy\" alt=\"" + escapeHTML(name) + "\"/>";
navigatorItems[i].innerHTML = itemHtml;
}
@@ -150,7 +150,7 @@ var ListNavigator = {
var itemHtml = "<div class=\"listItem\" "
+ "onClick=\"ListNavigator.setItem('" + i + "')\">"
+ filename + "<br>"
+ escapeHTML(filename) + "<br>"
// + "<img src=\"/api/thumbnail/" + item.id + "\" " // Lazy Loading
// + "class=\"listItemThumbnail lazy\" alt=\"" + filename + "\"/>"
+ "</div>";

11
res/static/res/script/Viewer.js
View File

@@ -42,4 +42,13 @@ var Viewer = {
DetailsWindow.setDetails(file);
Toolbar.setViews(file.views);
}
};
};
// Against XSS attacks
function escapeHTML(str) {
return String(str)
.replace(/&/g, '&amp;')
.replace(/</g, '&lt;')
.replace(/>/g, '&gt;')
.replace(/"/g, '&quot;');
}