Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3534dadd authored by Scott Main's avatar Scott Main
Browse files

docs: fix XSS vulnerability in search

add a function that uses replace() to replace all
instances of '<' and '>' with the HTML entities and use
this wherever the query text is added onto the page.
parent d14f1bd7
Loading
Loading
Loading
Loading
+11 −3
Original line number Diff line number Diff line
@@ -71,7 +71,7 @@ page.title=Search Results
            // save the tab index from the hash
            tabIndex = location.hash.split("&t=")[1];

            $("#searchTitle").html("search results for <em>" + query + "</em>");
            $("#searchTitle").html("search results for <em>" + escapeHTML(query) + "</em>");
            $.history.add('q=' + query + '&t=' + tabIndex);
            openTab();
        });
@@ -96,7 +96,8 @@ page.title=Search Results
      $(window).history(function(e, hash) {
        var query = decodeURI(getQuery(hash));
        searchControl.execute(query);
        $("#searchTitle").html("search results for <em>" + query + "</em>");

        $("#searchTitle").html("search results for <em>" + escapeHTML(query) + "</em>");
      });

      // forcefully regain key-up event control (previously jacked by search api)
@@ -131,6 +132,13 @@ page.title=Search Results
        return queryParts[1];
      }

      /* returns the given string with all HTML brackets converted to entities
         TODO: move this to the site's JS library */
      function escapeHTML(string) {
        return string.replace(/</g,"&lt;")
                     .replace(/>/g,"&gt;");
      }

</script>

  <div id="mainBodyFixed" style="width:auto; margin:20px">