Download as
Browse Code »

Commit 8383b52e919f32187208aa4db758a5c1549b7769

Authored by Rodrigo Souto
Committed by Antonio Terceiro
1 parent 0f455456
Exists in master and in 23 other branches activate_plugin, api_fixies, api_tasks, article_blog_visualization_format, article_layout_refactoring, article_layout_temp, blog_page_bug, clone_article, communities_ratings, design_template, event_layout, fix_forum, fix_optional_fields, fix_suggest_article, folder_improvments, manage_organization, merge_deactive_and_ban, news_page, script_to_update, stable, template_mirror_block, tests, tests_fixies

Filtering xss attack in comment field name 

(ActionItem1371)
Showing 2 changed files with 9 additions and 1 deletions   Show diff stats
app/models/comment.rb
  Diff comments   View file @8383b52
@@ -17,7 +17,7 @@ class Comment < ActiveRecord::Base @@ -17,7 +17,7 @@ class Comment < ActiveRecord::Base
17 end 17 end
18 end 18 end
19 19
20 - xss_terminate :only => [ :body, :title ] 20 + xss_terminate :only => [ :body, :title, :name ]
21 21
22 def author_name 22 def author_name
23 if author 23 if author
test/unit/comment_test.rb
  Diff comments   View file @8383b52
@@ -179,4 +179,12 @@ class CommentTest < Test::Unit::TestCase @@ -179,4 +179,12 @@ class CommentTest < Test::Unit::TestCase
179 assert comment.url[:view] 179 assert comment.url[:view]
180 end 180 end
181 181
  182 + should 'not fill fields with javascript' do
  183 + owner = create_user('testuser').person
  184 + article = owner.articles.create!(:name => 'test', :body => '...')
  185 + javascript = "<script>alert('XSS')</script>"
  186 + comment = article.comments.create!(:article => article, :name => javascript, :title => javascript, :body => javascript, :email => 'cracker@test.org')
  187 + assert_no_match(/<script>/, comment.name)
  188 + end
  189 +
182 end 190 end