Commit 8383b52e919f32187208aa4db758a5c1549b7769

Authored by Rodrigo Souto
Committed by Antonio Terceiro
1 parent 0f455456

Filtering xss attack in comment field name

(ActionItem1371)
app/models/comment.rb
... ... @@ -17,7 +17,7 @@ class Comment < ActiveRecord::Base
17 17 end
18 18 end
19 19  
20   - xss_terminate :only => [ :body, :title ]
  20 + xss_terminate :only => [ :body, :title, :name ]
21 21  
22 22 def author_name
23 23 if author
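Review bot: adding `:name` to `xss_terminate :only => [ :body, :title, :name ]` only sanitizes the attribute when a comment is saved, so rows already stored with markup in `name` are not cleaned up by this change; a one-off data migration that re-saves existing comments (or a note in the commit that none are affected) would close that gap. The test below also passes an `:email` attribute that is not in this list, so it is worth confirming whether `email` is ever rendered unescaped in a view and, if so, adding it here as well; either way, the view-layer HTML escaping should stay in place as defense in depth rather than relying on this write-time filter alone.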
... ...
test/unit/comment_test.rb
... ... @@ -179,4 +179,12 @@ class CommentTest < Test::Unit::TestCase
179 179 assert comment.url[:view]
180 180 end
181 181  
  182 + should 'not fill fields with javascript' do
  183 + owner = create_user('testuser').person
  184 + article = owner.articles.create!(:name => 'test', :body => '...')
  185 + javascript = "<script>alert('XSS')</script>"
  186 + comment = article.comments.create!(:article => article, :name => javascript, :title => javascript, :body => javascript, :email => 'cracker@test.org')
  187 + assert_no_match(/<script>/, comment.name)
  188 + end
  189 +
182 190 end
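Review bot: the test feeds the payload into `:name`, `:title` and `:body` but only asserts on `comment.name`; adding `assert_no_match(/<script>/, comment.title)` and `assert_no_match(/<script>/, comment.body)` would pin down the existing behaviour the change relies on and catch a regression if the `xss_terminate` list is edited later. A case-insensitive pattern such as `/<script/i` would also make the assertion less brittle. Minor style point: `:article => article` is redundant in `article.comments.create!(...)`, since the association already sets it.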
... ...