@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

Fix XSS hole in inline comment editing

Summary:
Thanks to erling for the report. This was XSSable, although you could
only get yourself.

Test Plan:
Made a comment like "</textarea><h1>" and edited it before and after
the patch. Proper behavior with this patch.

Reviewed By: aran
Reviewers: erling, jungejason, tuomaspelkonen, aran
CC: aran
Differential Revision: 187

+1 -1
src/applications/differential/controller/inlinecommentedit/DifferentialInlineCommentEditController.php
··· 188 188 'class' => 'differential-inline-comment-edit-textarea', 189 189 'name' => 'text', 190 190 ), 191 - $text); 191 + phutil_escape_html($text)); 192 192 } 193 193 194 194 }
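Review bot: the escaping at the changed line 191 is applied at a single call site, so any other code path that passes raw comment text into the same textarea-rendering call remains unprotected; if the helper that receives the attribute array and `$text` can escape its content argument by default, that is the more durable fix, and otherwise a short comment at line 191 explaining why `phutil_escape_html($text)` is required there would stop a future edit from reverting it. The test plan covers the `</textarea><h1>` case but not round-tripping: it should also confirm that a comment containing a literal `&lt;` or `&amp;` comes back unchanged after being edited, since double-escaping is the usual regression when escaping is added to an edit form.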