diff options
author | ArthurHoaro <arthur@hoa.ro> | 2020-10-06 17:30:18 +0200 |
---|---|---|
committer | ArthurHoaro <arthur@hoa.ro> | 2020-10-06 17:30:18 +0200 |
commit | 72fbbcd6794facea2cf06d9742359d190257b00f (patch) | |
tree | a4d6f446ec861f9a7591edb31f322e2a846b2bac /application/front/controller/visitor/TagCloudController.php | |
parent | df25b28dcd3cde54d42c18a55a810daa82bf5727 (diff) | |
download | Shaarli-72fbbcd6794facea2cf06d9742359d190257b00f.tar.gz Shaarli-72fbbcd6794facea2cf06d9742359d190257b00f.tar.zst Shaarli-72fbbcd6794facea2cf06d9742359d190257b00f.zip |
Security: fix multiple XSS vulnerabilities + fix search tags with special chars
XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list.
Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong.
Diffstat (limited to 'application/front/controller/visitor/TagCloudController.php')
-rw-r--r-- | application/front/controller/visitor/TagCloudController.php | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/application/front/controller/visitor/TagCloudController.php b/application/front/controller/visitor/TagCloudController.php index f9c529bc..76ed7690 100644 --- a/application/front/controller/visitor/TagCloudController.php +++ b/application/front/controller/visitor/TagCloudController.php | |||
@@ -66,10 +66,18 @@ class TagCloudController extends ShaarliVisitorController | |||
66 | $tags = $this->formatTagsForCloud($tags); | 66 | $tags = $this->formatTagsForCloud($tags); |
67 | } | 67 | } |
68 | 68 | ||
69 | $tagsUrl = []; | ||
70 | foreach ($tags as $tag => $value) { | ||
71 | $tagsUrl[escape($tag)] = urlencode((string) $tag); | ||
72 | } | ||
73 | |||
69 | $searchTags = implode(' ', escape($filteringTags)); | 74 | $searchTags = implode(' ', escape($filteringTags)); |
75 | $searchTagsUrl = urlencode(implode(' ', $filteringTags)); | ||
70 | $data = [ | 76 | $data = [ |
71 | 'search_tags' => $searchTags, | 77 | 'search_tags' => escape($searchTags), |
72 | 'tags' => $tags, | 78 | 'search_tags_url' => $searchTagsUrl, |
79 | 'tags' => escape($tags), | ||
80 | 'tags_url' => $tagsUrl, | ||
73 | ]; | 81 | ]; |
74 | $this->executePageHooks('render_tag' . $type, $data, 'tag.' . $type); | 82 | $this->executePageHooks('render_tag' . $type, $data, 'tag.' . $type); |
75 | $this->assignAllView($data); | 83 | $this->assignAllView($data); |