
N.760 XSS vulnerability

git-svn-id: http://svn.code.sf.net/p/itop/code/trunk@4621 a333f486-631f-4898-b8df-5754b55c2be0
romainq 8 年之前
d46ee1b0e2
共有 1 個文件被更改,包括 11 次插入6 次删除
  1. 11 6
      pages/UI.php

+ 11 - 6
pages/UI.php

@@ -1,6 +1,6 @@
 <?php
 
-// Copyright (C) 2010-2016 Combodo SARL
+// Copyright (C) 2010-2017 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -21,7 +21,7 @@
 /**
  * Main page of iTop
  *
- * @copyright   Copyright (C) 2010-2016 Combodo SARL
+ * @copyright   Copyright (C) 2010-2017 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -704,12 +704,14 @@ EOF
 				throw new ApplicationException(Dict::Format('UI:Error:1ParametersMissing', 'class'));
 			}
 
+/*
 			$aArgs = utils::ReadParam('default', array(), false, 'raw_data');
 			$aContext = $oAppContext->GetAsHash();
 			foreach( $oAppContext->GetNames() as $key)
 			{
-				$aArgs[$key] = $oAppContext->GetCurrentValue($key);	
+				$aArgs[$key] = $oAppContext->GetCurrentValue($key);
 			}
+*/
 			// If the specified class has subclasses, ask the user an instance of which class to create
 			$aSubClasses = MetaModel::EnumChildClasses($sClass, ENUM_CHILD_CLASSES_ALL); // Including the specified class itself
 			$aPossibleClasses = array();
@@ -779,18 +781,21 @@ EOF
 							{
 								foreach($value2 as $key3 => $value3)
 								{
-									$oP->add("<input type=\"hidden\" name=\"default[$key][$key2][$key3]\" value=\"$value3\">\n");	
+									$sValue = htmlentities($value3, ENT_QUOTES, 'UTF-8');
+									$oP->add("<input type=\"hidden\" name=\"default[$key][$key2][$key3]\" value=\"$sValue\">\n");
 								}
 							}
 							else
 							{
-								$oP->add("<input type=\"hidden\" name=\"default[$key][$key2]\" value=\"$value2\">\n");	
+								$sValue = htmlentities($value2, ENT_QUOTES, 'UTF-8');
+								$oP->add("<input type=\"hidden\" name=\"default[$key][$key2]\" value=\"$sValue\">\n");
 							}
 						}
 					}
 					else
 					{
-						$oP->add("<input type=\"hidden\" name=\"default[$key]\" value=\"$value\">\n");	
+						$sValue = htmlentities($value, ENT_QUOTES, 'UTF-8');
+						$oP->add("<input type=\"hidden\" name=\"default[$key]\" value=\"$sValue\">\n");
 					}
 				}
 				$oP->add('<select name="class">');
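Review bot: The three `$oP->add(...)` lines in the last hunk now escape the value, but `$key`, `$key2` and `$key3` are still interpolated raw into the `name` attribute (`name=\"default[$key][$key2][$key3]\"`), so an array key containing a quote or `<` breaks out of the attribute exactly as the value did before this fix. Whether the keys are request-controlled cannot be confirmed from this hunk — the `foreach` over `$aArgs` starts before it, and the `utils::ReadParam('default', ..., 'raw_data')` line that fed it has been commented out in the earlier hunk — but treating them as untrusted costs nothing. The simplest fix is to build and escape the whole name once per level: `$sName = htmlentities("default[$key][$key2][$key3]", ENT_QUOTES, 'UTF-8');` then `$oP->add("<input type=\"hidden\" name=\"$sName\" value=\"$sValue\">\n");`, with the same two-line pattern for the `[$key][$key2]` and `[$key]` cases. Note also that `htmlentities()` is only safe on scalars here: if `$value3` is itself an array the call emits an "Array to string conversion" notice and outputs `Array`, so a `is_scalar()` guard (or recursing one level further) would make the escaping complete.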