From 72fbbcd6794facea2cf06d9742359d190257b00f Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Tue, 6 Oct 2020 17:30:18 +0200 Subject: Security: fix multiple XSS vulnerabilities + fix search tags with special chars XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list. Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong. --- application/front/controller/visitor/BookmarkListController.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'application/front/controller/visitor/BookmarkListController.php') diff --git a/application/front/controller/visitor/BookmarkListController.php b/application/front/controller/visitor/BookmarkListController.php index 2988bee6..18368751 100644 --- a/application/front/controller/visitor/BookmarkListController.php +++ b/application/front/controller/visitor/BookmarkListController.php @@ -34,7 +34,7 @@ class BookmarkListController extends ShaarliVisitorController $formatter = $this->container->formatterFactory->getFormatter(); $formatter->addContextData('base_path', $this->container->basePath); - $searchTags = escape(normalize_spaces($request->getParam('searchtags') ?? '')); + $searchTags = normalize_spaces($request->getParam('searchtags') ?? ''); $searchTerm = escape(normalize_spaces($request->getParam('searchterm') ?? ''));; // Filter bookmarks according search parameters. @@ -104,8 +104,9 @@ class BookmarkListController extends ShaarliVisitorController 'page_current' => $page, 'page_max' => $pageCount, 'result_count' => count($linksToDisplay), - 'search_term' => $searchTerm, - 'search_tags' => $searchTags, + 'search_term' => escape($searchTerm), + 'search_tags' => escape($searchTags), + 'search_tags_url' => array_map('urlencode', explode(' ', $searchTags)), 'visibility' => $visibility, 'links' => $linkDisp, ] -- cgit v1.2.3