undef/git-commit-vandalism
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'jk/maint-gitweb-xss'

Browse Source 
Fixes an XSS vulnerability in gitweb.

* jk/maint-gitweb-xss:
  gitweb: escape html in rss title
This commit is contained in:
Junio C Hamano 2012-11-20 10:37:27 -08:00
commit 79a09bba1c
2 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
gitweb/gitweb.perl
View File

@ -8054,6 +8054,7 @@ sub git_feed {
$feed_type = 'history'; $feed_type = 'history';
} }
$title .= " $feed_type"; $title .= " $feed_type";
$title = esc_html($title);
my $descr = git_get_project_description($project); my $descr = git_get_project_description($project);
if (defined $descr) { if (defined $descr) {
$descr = esc_html($descr); $descr = esc_html($descr);

15
t/t9502-gitweb-standalone-parse-output.sh
View File

@ -185,5 +185,20 @@ test_expect_success 'forks: project_index lists all projects (incl. forks)' '
test_cmp expected actual test_cmp expected actual
' '
xss() {
echo >&2 "Checking $1..." &&
gitweb_run "$1" &&
if grep "$TAG" gitweb.body; then
echo >&2 "xss: $TAG should have been quoted in output"
return 1
fi
return 0
}
test_expect_success 'xss checks' '
TAG="<magic-xss-tag>" &&
xss "a=rss&p=$TAG" &&
xss "a=rss&p=foo.git&f=$TAG"
'
test_done test_done