XSS vulnerability when remote-subscribing

->raw was used on non-filtered strings for some reason; changed
to ->text.
Mikael Nordfeldth 2016-01-05 12:15:50 +01:00
parent df8c14d66a
commit ab93bb009c


@ -193,31 +193,31 @@ class OStatusSubAction extends Action
$hasFN = ($fullname !== '') ? 'nickname' : 'fn nickname entity_nickname'; $hasFN = ($fullname !== '') ? 'nickname' : 'fn nickname entity_nickname';
$this->elementStart('a', array('href' => $profile, $this->elementStart('a', array('href' => $profile,
'class' => 'url '.$hasFN)); 'class' => 'url '.$hasFN));
$this->raw($nickname); $this->text($nickname);
$this->elementEnd('a'); $this->elementEnd('a');
if (!is_null($fullname)) { if (!is_null($fullname)) {
$this->elementStart('div', 'fn entity_fn'); $this->elementStart('div', 'fn entity_fn');
$this->raw($fullname); $this->text($fullname);
$this->elementEnd('div'); $this->elementEnd('div');
} }
if (!is_null($location)) { if (!is_null($location)) {
$this->elementStart('div', 'label entity_location'); $this->elementStart('div', 'label entity_location');
$this->raw($location); $this->text($location);
$this->elementEnd('div'); $this->elementEnd('div');
} }
if (!is_null($homepage)) { if (!is_null($homepage)) {
$this->elementStart('a', array('href' => $homepage, $this->elementStart('a', array('href' => $homepage,
'class' => 'url entity_url')); 'class' => 'url entity_url'));
$this->raw($homepage); $this->text($homepage);
$this->elementEnd('a'); $this->elementEnd('a');
} }
if (!is_null($note)) { if (!is_null($note)) {
$this->elementStart('div', 'note entity_note'); $this->elementStart('div', 'note entity_note');
$this->raw($note); $this->text($note);
$this->elementEnd('div'); $this->elementEnd('div');
} }
$this->elementEnd('div'); $this->elementEnd('div');