From c2eba7b3bec125d87c076ccf1f95fb7815e6f132 Mon Sep 17 00:00:00 2001 From: Pierre HUBERT Date: Sat, 8 Dec 2018 19:03:53 +0100 Subject: [PATCH] Fix security breach. --- assets/js/common/utils.js | 23 +++++++++++++++++++++++ assets/js/components/posts/ui.js | 2 +- 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/assets/js/common/utils.js b/assets/js/common/utils.js index 2691c77e..8ee9effc 100644 --- a/assets/js/common/utils.js +++ b/assets/js/common/utils.js @@ -592,4 +592,27 @@ function dataURItoBlob(dataURI){ return new Blob([ia], {type: mimeString}); +} + +/** + * Satinize some HTML source code by removing all javascript event detectors + * from it + * + * @param {string} html The source code to update + * @return {string} Secured html + */ +function removeJavascriptEventsFromHTML(html){ + + //Check if the string to check is null (we will consider + //at safe in this case) + if(html == null) + return html; + + //Search for unexceptable references + while(html.match(/on[a-zA-Z ]+=/i) != null){ + let match = html.match(/on[a-zA-Z ]+=/i)[0]; + html = html.replace(match, match.replace("on", "on")) + } + + return html; } \ No newline at end of file diff --git a/assets/js/components/posts/ui.js b/assets/js/components/posts/ui.js index add7c4f0..eaf51e58 100644 --- a/assets/js/components/posts/ui.js +++ b/assets/js/components/posts/ui.js @@ -826,7 +826,7 @@ ComunicWeb.components.posts.ui = { appendTo: postRoot, type: "div", class: "post_content", - innerHTML: info.content + innerHTML: removeJavascriptEventsFromHTML(info.content) }); //Parse emojies
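Review bot: The `while` loop in `removeJavascriptEventsFromHTML` cannot terminate on any input containing an `on…=` token, because `match.replace("on", "on")` swaps the prefix for itself, so `html` is never changed and `html.match(/on[a-zA-Z ]+=/i)` keeps matching — a post with `onclick=` (or harmless text like `season =`, which the `[a-zA-Z ]` class also accepts) hangs the renderer instead of being neutralised. Even with a real replacement this is a text-level denylist: it leaves `<a href="javascript:…">`, `<iframe src=javascript:…>`, `<object>`/`<embed>` untouched and is bypassed by an attribute name separated from `=` by a tab or newline, which the regex does not match. A parse-then-strip approach on an inert document, sketched below, at least removes what the loop was meant to remove and cannot spin; it should still be treated as a stopgap until an allowlist sanitizer (DOMPurify or a server-side equivalent at post creation) is in place, since re-serialising through `innerHTML` is also where mutation-XSS issues live. The JSDoc should read `Sanitize` rather than `Satinize`, and it should state that the result is a denylist filter, not a guarantee.

```javascript
function removeJavascriptEventsFromHTML(html){

	//A null / undefined value carries no markup, so there is nothing to strip
	if(html == null)
		return html;

	//Parse into an inert document (scripts do not run, resources do not load)
	//and operate on the DOM rather than on the source text
	const doc = new DOMParser().parseFromString(html, "text/html");

	//Elements that execute or embed code regardless of their attributes
	Array.from(doc.querySelectorAll("script, iframe, object, embed, base, meta, link")).forEach(function(el){
		el.remove();
	});

	//Event handler attributes (on*) and script-scheme URLs on every remaining element
	Array.from(doc.body.querySelectorAll("*")).forEach(function(el){
		Array.from(el.attributes).forEach(function(attr){
			const name = attr.name.toLowerCase();
			//Browsers ignore control characters and whitespace inside a URL scheme
			const value = attr.value.replace(/[\u0000-\u0020]/g, "").toLowerCase();
			if(name.startsWith("on") || value.startsWith("javascript:") || value.startsWith("vbscript:"))
				el.removeAttribute(attr.name);
		});
	});

	return doc.body.innerHTML;
}
```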
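Review bot: Wrapping `info.content` in `removeJavascriptEventsFromHTML` on the `innerHTML:` line only addresses `on…=` attribute patterns, so content carrying `<a href="javascript:…">`, `<iframe>`, `<object>` or `<embed>` still reaches the DOM through innerHTML unchanged. If `info.content` is user-authored post text that is not meant to contain markup, the safer change is to set it as text (`textContent`, or whatever text option the element-builder helper supports) and let the `//Parse emojies` pass operate on that; if HTML is intentional, the filter needs to be an allowlist sanitizer, ideally enforced server-side at post creation so every client is covered rather than only this view. It is also worth confirming that utils.js is loaded before ui.js, since the call resolves a global at render time. The `ComunicWeb.components.posts.ui` object and the method containing this call start and end outside the hunk.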