pkg_details.php: Fix potential XSS for package names and dep conditions

Package names and dep conditions are user-controlled and can be crafted to
inject markup (XSS). HTML-escape these variables on the package details page.

In addition, avoid including dep conditions as part of a package link.

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
canyonknight 2012-11-06 17:13:45 -05:00 committed by Lukas Fleischer
parent 630f1cbae8
commit 4161e14796


@ -190,9 +190,9 @@ if ($row["MaintainerUID"]):
# darr: (DepName, DepCondition, PackageID), where ID is NULL if it didn't exist
if (!is_null($darr[2])):
?>
<li><a href="<?= htmlspecialchars(get_pkg_uri($darr[0]), ENT_QUOTES); ?>" title="<?= __('View packages details for').' '.$darr[0].$darr[1]?>"><?= $darr[0].$darr[1]?></a></li>
<li><a href="<?= htmlspecialchars(get_pkg_uri($darr[0]), ENT_QUOTES); ?>" title="<?= __('View packages details for').' '. htmlspecialchars($darr[0]) ?>"><?= htmlspecialchars($darr[0]) ?></a><?= htmlspecialchars($darr[1]) ?></li>
<?php else: ?>
<li><a href="https://www.archlinux.org/packages/?q=<?= urlencode($darr[0])?>" title="<?= __('View packages details for').' '.$darr[0].$darr[1] ?>"><?= $darr[0].$darr[1] ?></a></li>
<li><a href="https://www.archlinux.org/packages/?q=<?= urlencode($darr[0])?>" title="<?= __('View packages details for').' ' . htmlspecialchars($darr[0]) ?>"><?= htmlspecialchars($darr[0]) ?></a><?= htmlspecialchars($darr[1]) ?></li>
<?php endif; ?>
<?php endwhile; ?>
</ul>
@ -206,7 +206,7 @@ if ($row["MaintainerUID"]):
# darr: (PackageName, PackageID)
while (list($k, $darr) = each($requiredby)):
?>
<li><a href="<?= htmlspecialchars(get_pkg_uri($darr[0]), ENT_QUOTES); ?>" title="<?= __('View packages details for').' '.$darr[0]?>"><?= $darr[0] ?></a></li>
<li><a href="<?= htmlspecialchars(get_pkg_uri($darr[0]), ENT_QUOTES); ?>" title="<?= __('View packages details for').' ' . htmlspecialchars($darr[0]) ?>"><?= htmlspecialchars($darr[0]) ?></a></li>
<?php endwhile; ?>
</ul>
<?php endif; ?>
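Review bot: The new `htmlspecialchars($darr[0])` and `htmlspecialchars($darr[1])` calls on the three replacement lines use PHP's default flags, which escape `"` but not `'`; that is sufficient for the double-quoted `title="…"` attribute as written, but it is inconsistent with the `ENT_QUOTES` already applied to the `href` on the same lines and would become an attribute-escape gap if a later edit switched the attribute to single quotes. I would use one escaping contract across the whole line, e.g. `htmlspecialchars($darr[0], ENT_QUOTES)` and `htmlspecialchars($darr[1], ENT_QUOTES)`. The `__('View packages details for')` prefix is still emitted raw into the attribute; presumably translation strings are trusted input, but that is worth confirming. The `while` closed by the `endwhile` at the end of the first hunk starts above it, and the final `endif` closes a condition outside the hunk.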