extras-buildsys/www/template main.psp,1.3.4.1,1.3.4.2
Daniel Williams (dcbw)
fedora-extras-commits at redhat.com
Wed Oct 25 17:33:34 UTC 2006
Author: dcbw
Update of /cvs/fedora/extras-buildsys/www/template
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26573/www/template
Modified Files:
Tag: STABLE_0_4
main.psp
Log Message:
2006-10-25 Dan Williams <dcbw at redhat.com>
* www/template/main.psp
- Fix cross-site scripting vulnerability by stripping the provided
email address quite harshly
Index: main.psp
===================================================================
RCS file: /cvs/fedora/extras-buildsys/www/template/main.psp,v
retrieving revision 1.3.4.1
retrieving revision 1.3.4.2
diff -u -r1.3.4.1 -r1.3.4.2
--- main.psp 24 Nov 2005 22:39:09 -0000 1.3.4.1
+++ main.psp 25 Oct 2006 17:33:31 -0000 1.3.4.2
@@ -2,6 +2,7 @@
<%
import time
import os
+import urllib, cgi
from plague import XMLRPCServerProxy
from OpenSSL import SSL
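Review bot: style point on `+import urllib, cgi`: the surrounding module puts one import per line (`import time`, `import os`), so splitting this into `import urllib` and `import cgi` keeps the header consistent and makes a later removal of either import a one-line diff.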
@@ -18,7 +19,20 @@
if form.has_key('action'):
action = str(form['action'])
if form.has_key('email'):
- user_email = str(form['email'])
+ user_email = ''
+ unsafe = str(form['email'])
+ a = urllib.unquote(unsafe)
+ a = urllib.unquote(a)
+ if a == urllib.unquote(a):
+ safe = ''
+ for item in a:
+ if item != '>' and item != '<' and item != '/' and item != '\\' and item != ')' and item != '(' and item != "'" and item != '"' and item != '%':
+ safe = safe + item
+ user_email = cgi.escape(safe)
+ else:
+ # No email for you, too many quote levels
+ user_email = "error"
+ # endif
# endif
%>
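Review bot: the sanitiser in the `form.has_key('email')` branch is a character blacklist, which is fragile for an XSS fix; since the value is meant to be an e-mail address, a whitelist would be both simpler and safer, e.g. keep only characters from `string.ascii_letters + string.digits + '@.-_+'` and reject the rest. Two smaller points in the same hunk: the double `urllib.unquote` followed by `if a == urllib.unquote(a)` accepts inputs encoded up to two levels deep but silently passes anything that is idempotent under a third unquote, so a loop that unquotes until the value stops changing (with a small iteration cap) would state the intent more clearly; and `user_email = "error"` uses a string that is indistinguishable from a legitimately submitted value, so an empty `user_email` plus a separate error flag checked by the template would be less surprising. `cgi.escape(safe)` without `quote=True` does not escape `"` or `'`, which is only acceptable here because the blacklist loop has already dropped both; that dependency deserves a comment.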