TRKJ/gitea
2
0
Fork 0
mirror of https://gitee.com/gitea/gitea synced 2025-11-04 16:40:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

Security: prevent XSS attach on wiki page

Browse Source 
Reported by Miguel Ángel Jimeno.
This commit is contained in:
Unknwon
2017-02-15 18:05:02 -05:00
committed by Kim "BKC" Carlbäcker
parent 43c94d0a6c
commit 134f3e6e09
2 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/templates/helper.go
View File

@@ -15,6 +15,7 @@ import (
"strings" "strings"
"time" "time"
"github.com/microcosm-cc/bluemonday"
"golang.org/x/net/html/charset" "golang.org/x/net/html/charset"
"golang.org/x/text/transform" "golang.org/x/text/transform"
"gopkg.in/editorconfig/editorconfig-core-go.v1" "gopkg.in/editorconfig/editorconfig-core-go.v1"
@@ -61,6 +62,7 @@ func NewFuncMap() []template.FuncMap {
}, },
"AvatarLink": base.AvatarLink, "AvatarLink": base.AvatarLink,
"Safe": Safe, "Safe": Safe,
"Sanitize": bluemonday.UGCPolicy().Sanitize,
"Str2html": Str2html, "Str2html": Str2html,
"TimeSince": base.TimeSince, "TimeSince": base.TimeSince,
"RawTimeSince": base.RawTimeSince, "RawTimeSince": base.RawTimeSince,

11
templates/repo/wiki/view.tmpl
View File

@@ -1,6 +1,7 @@
{{template "base/head" .}} {{template "base/head" .}}
<div class="repository wiki view"> <div class="repository wiki view">
{{template "repo/header" .}} {{template "repo/header" .}}
{{ $title := .title | Sanitize}}
<div class="ui container"> <div class="ui container">
<div class="ui grid"> <div class="ui grid">
<div class="ui ten wide column"> <div class="ui ten wide column">
@@ -9,7 +10,7 @@
<div class="ui basic small button"> <div class="ui basic small button">
<span class="text"> <span class="text">
{{.i18n.Tr "repo.wiki.page"}}: {{.i18n.Tr "repo.wiki.page"}}:
<strong>{{.title}}</strong> <strong>{{$title}}</strong>
</span> </span>
<i class="dropdown icon"></i> <i class="dropdown icon"></i>
</div> </div>
@@ -20,7 +21,7 @@
</div> </div>
<div class="scrolling menu"> <div class="scrolling menu">
{{range .Pages}} {{range .Pages}}
<div class="item {{if eq $.Title .Name}}selected{{end}}" data-url="{{$.RepoLink}}/wiki/{{.URL}}">{{.Name}}</div> <div class="item {{if eq $.Title .Name}}selected{{end}}" data-url="{{$.RepoLink}}/wiki/{{.URL}}">{{.Name | Sanitize}}</div>
{{end}} {{end}}
</div> </div>
</div> </div>
@@ -50,8 +51,8 @@
</div> </div>
</div> </div>
</div> </div>
<div class="ui header"> <div class="ui dividing header">
{{.title}} {{$title}}
{{if and .IsRepositoryWriter (not .Repository.IsMirror)}} {{if and .IsRepositoryWriter (not .Repository.IsMirror)}}
<div class="ui right"> <div class="ui right">
<a class="ui small button" href="{{.RepoLink}}/wiki/{{EscapePound .PageURL}}/_edit">{{.i18n.Tr "repo.wiki.edit_page_button"}}</a> <a class="ui small button" href="{{.RepoLink}}/wiki/{{EscapePound .PageURL}}/_edit">{{.i18n.Tr "repo.wiki.edit_page_button"}}</a>
@@ -95,7 +96,7 @@
{{.i18n.Tr "repo.wiki.delete_page_button"}} {{.i18n.Tr "repo.wiki.delete_page_button"}}
</div> </div>
<div class="content"> <div class="content">
<p>{{.i18n.Tr "repo.wiki.delete_page_notice_1" .title | Safe}}</p> <p>{{.i18n.Tr "repo.wiki.delete_page_notice_1" $title | Safe}}</p>
</div> </div>
{{template "base/delete_modal_actions" .}} {{template "base/delete_modal_actions" .}}
</div> </div>