[pLog-svn] r6754 - plugins/branches/lifetype-1.2/submissions/class/action
Matt Wood
matt at woodzy.com
Thu Dec 4 17:18:22 EST 2008
Don't allow on(anything)? ModSecurity has an "xss" monster regex...
blacklisting is always error prone.
On Thu, Dec 4, 2008 at 5:14 PM, Jon Daley <plogworld at jon.limedaley.com> wrote:
> Thanks. Is there a better way to fix it than simply adding every
> tag we can think of, which I assume is always out-of-date, not exhaustive?
>
>
> On Thu, 4 Dec 2008, Matt Wood wrote:
>
>> filterjavascript doesn't filter all javascript... here is one example I
>> noticed looking @ svn.
>> <img src=dne onerror=alert(0) />
>>
>> On Thu, Dec 4, 2008 at 4:21 PM, <jondaley at devel.lifetype.net> wrote:
>> Author: jondaley
>> Date: 2008-12-04 16:21:57 -0500 (Thu, 04 Dec 2008)
>> New Revision: 6754
>>
>> Modified:
>>
>> plugins/branches/lifetype-1.2/submissions/class/action/addsubmissionaction.class.php
>> Log:
>> have to allow HTML whether the tinymce editor is enabled or not. At
>> least filter javascript
>>
>> Modified:
>> plugins/branches/lifetype-1.2/submissions/class/action/addsubmissionaction.class.php
>> ===================================================================
>> ---
>> plugins/branches/lifetype-1.2/submissions/class/action/addsubmissionaction.class.php
>> 2008-12-04
>> 21:16:19 UTC (rev 6753)
>> +++
>> plugins/branches/lifetype-1.2/submissions/class/action/addsubmissionaction.class.php
>> 2008-12-04
>> 21:21:57 UTC (rev 6754)
>> @@ -70,15 +70,15 @@
>>
>> $this->_text = "";
>> $text = $this->_request->getValue( "submissionText" );
>> - $config =& Config::getConfig();
>> - $htmlEnabled =
>> $config->getValue("plugin_submissions_htmlarea_enabled");
>> - $val2 = new StringValidator($htmlEnabled);
>> + $val2 = new StringValidator(true);
>> if( !$val2->validate( $text )) {
>> $errors["submissionText"] = true;
>> $message["submissionText"] =
>> $this->_locale->tr("error_submission_no_text");
>> }
>> else{
>> - $this->_text = $text;
>> + // is this too much? Maybe just remove
>> javascript?
>> +// $this->_text = Textfilter::filterHtml($text);
>> + $this->_text = Textfilter::filterJavaScript($text);
>> }
>>
>> $this->_categoryIds = "";
>>
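Review bot: The new `+ $this->_text = Textfilter::filterJavaScript($text);` line leaves the stored submission protected only by a blacklist of JavaScript constructs, now that `new StringValidator(true)` accepts HTML unconditionally; the `<img src=dne onerror=alert(0) />` sample quoted in this thread is exactly the kind of event-handler attribute such a filter lets through. For untrusted submissions, prefer a sanitizer that keeps only an allowlist of tags and attributes (no `on*` attributes, only known-safe URL schemes in `href`/`src`) rather than extending the blacklist tag by tag. The commented-out `Textfilter::filterHtml($text)` line and the `// is this too much? Maybe just remove javascript?` question should also not be committed as-is: settle the choice in the log message and leave a single active line.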
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://limedaley.com/mailman/listinfo/plog-svn
> --
> Jon Daley
> http://jon.limedaley.com
> ~~
> Lady: One who makes a man behave like a gentleman.
> -- Jimmy Lyons
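Matt's point that blacklisting is error-prone, as an added example that is not part of this thread or of LifeType's code: a hypothetical blacklist filter modelled on the "just remove javascript" idea, beside an allowlist sanitizer built on Python's html.parser, both run over the `<img src=dne onerror=alert(0) />` sample from the thread. The sample string, `blacklist_filter`, `allowlist_filter` and the tag allowlist are assumptions for illustration, not LifeType's Textfilter.

```python
import re
from html import escape
from html.parser import HTMLParser

# Constructed sample input: the payload quoted in the thread plus a script block.
SAMPLE = '<p>hi</p><img src=dne onerror=alert(0) /><script>alert(1)</script>'

def blacklist_filter(html):
    # Hypothetical blacklist stand-in (not Textfilter::filterJavaScript): strips
    # <script> blocks and javascript: URLs and lets everything else through.
    html = re.sub(r'<script\b.*?</script\s*>', '', html, flags=re.I | re.S)
    return re.sub(r'javascript\s*:', '', html, flags=re.I)

# Allowlist: permitted tags and, per tag, permitted attributes; no on* handlers.
ALLOWED = {'p': set(), 'b': set(), 'i': set(), 'br': set(),
           'a': {'href'}, 'img': {'src', 'alt'}}
SAFE_URL = re.compile(r'^(https?://|/)', re.I)   # only these URL forms survive

class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        super().__init__()   # convert_charrefs=True: handle_data gets plain text
        self.out, self.skipping = [], 0
    def handle_starttag(self, tag, attrs):
        if tag in ('script', 'style'):
            self.skipping += 1   # drop these tags together with their content
        elif tag in ALLOWED:     # unknown tags are dropped, their text is kept
            kept = []
            for name, value in attrs:
                if name not in ALLOWED[tag]:
                    continue     # drops onerror=, onload=, style=, ...
                if name in ('href', 'src') and not SAFE_URL.match(value or ''):
                    continue     # drops javascript:, data:, bare names like dne
                kept.append(f' {name}="{escape(value or "", quote=True)}"')
            self.out.append(f'<{tag}{"".join(kept)}>')
    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)
        if tag not in ('br', 'img'):
            self.handle_endtag(tag)
    def handle_endtag(self, tag):
        if tag in ('script', 'style'):
            self.skipping = max(0, self.skipping - 1)
        elif tag in ALLOWED:
            self.out.append(f'</{tag}>')
    def handle_data(self, data):
        if not self.skipping:
            self.out.append(escape(data))

def allowlist_filter(html):
    s = AllowlistSanitizer()
    s.feed(html)
    s.close()
    return ''.join(s.out)
```

Running both over SAMPLE shows the difference: the blacklist removes the script block but keeps `onerror=alert(0)`, while the allowlist emits `<p>hi</p><img>`.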