diogo
/
symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine - CVE-2019-10909 (stof) 

This PR was merged into the 2.7 branch.

Discussion
----------

[FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine - CVE-2019-10909

https://www.intigriti.com/researcher/submission/CfDJ8Pja6NZvkpNCmx5vVyiGSn4K0Hgfyo6ynNDaSmw63JqRiMJ1Arv1xOxeLFRsv7xVI0MAspfOj8pKsT-ruB6Pfx5HvSOKt0UzPUqqpEWtGNo2kb3xuLP19uhpuMvrZOXnDA

![image](https://user-images.githubusercontent.com/211740/55671589-dc3d0700-5891-11e9-8420-2ab8961c69db.png)

Commits
-------

e645e2aa7e Fix XSS issues in the form theme of the PHP templating engine
This commit is contained in:
Nicolas Grekas 2019-04-16 11:40:42 +02:00
parent 2681a5f4ba
commit 783ef2fb1d
3 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/choice_widget_collapsed.html.php
View File

@ -11,7 +11,7 @@
<?php if (count($preferred_choices) > 0): ?>
<?php echo $view['form']->block($form, 'choice_widget_options', array('choices' => $preferred_choices)) ?>
<?php if (count($choices) > 0 && null !== $separator): ?>
<option disabled="disabled"><?php echo $separator ?></option>
<option disabled="disabled"><?php echo $view->escape($separator) ?></option>
<?php endif ?>
<?php endif ?>
<?php echo $view['form']->block($form, 'choice_widget_options', array('choices' => $choices)) ?>

2
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/form_errors.html.php
View File

@ -1,7 +1,7 @@
<?php if (count($errors) > 0): ?>
<ul>
<?php foreach ($errors as $error): ?>
<li><?php echo $error->getMessage() ?></li>
<li><?php echo $view->escape($error->getMessage()) ?></li>
<?php endforeach; ?>
</ul>
<?php endif ?>

4
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/form_start.html.php
View File

@ -1,6 +1,6 @@
<?php $method = strtoupper($method) ?>
<?php $form_method = $method === 'GET' || $method === 'POST' ? $method : 'POST' ?>
<form name="<?php echo $name ?>" method="<?php echo strtolower($form_method) ?>" action="<?php echo $action ?>"<?php foreach ($attr as $k => $v) { printf(' %s="%s"', $view->escape($k), $view->escape($v)); } ?><?php if ($multipart): ?> enctype="multipart/form-data"<?php endif ?>>
<form name="<?php echo $name ?>" method="<?php echo strtolower($form_method) ?>" action="<?php echo $view->escape($action) ?>"<?php foreach ($attr as $k => $v) { printf(' %s="%s"', $view->escape($k), $view->escape($v)); } ?><?php if ($multipart): ?> enctype="multipart/form-data"<?php endif ?>>
<?php if ($form_method !== $method): ?>
<input type="hidden" name="_method" value="<?php echo $method ?>" />
<input type="hidden" name="_method" value="<?php echo $view->escape($method) ?>" />
<?php endif ?>