Fix XSS
This commit is contained in:
parent
1ad6461ade
commit
cddec2f4dc
@ -1454,7 +1454,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
|
||||
|
||||
// Login
|
||||
if (empty($conf->global->ADHERENT_LOGIN_NOT_REQUIRED)) {
|
||||
print '<tr><td class="titlefield">'.$langs->trans("Login").' / '.$langs->trans("Id").'</td><td class="valeur">'.$object->login.' </td></tr>';
|
||||
print '<tr><td class="titlefield">'.$langs->trans("Login").' / '.$langs->trans("Id").'</td><td class="valeur">'.dol_escape_htmltag($object->login).'</td></tr>';
|
||||
}
|
||||
|
||||
// Type
|
||||
@ -1471,10 +1471,10 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
|
||||
print '</td></tr>';
|
||||
|
||||
// Company
|
||||
print '<tr><td>'.$langs->trans("Company").'</td><td class="valeur">'.$object->company.'</td></tr>';
|
||||
print '<tr><td>'.$langs->trans("Company").'</td><td class="valeur">'.dol_escape_htmltag($object->company).'</td></tr>';
|
||||
|
||||
// Civility
|
||||
print '<tr><td>'.$langs->trans("UserTitle").'</td><td class="valeur">'.$object->getCivilityLabel().' </td>';
|
||||
print '<tr><td>'.$langs->trans("UserTitle").'</td><td class="valeur">'.$object->getCivilityLabel().'</td>';
|
||||
print '</tr>';
|
||||
|
||||
// Password
|
||||
|
||||
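Review bot: In the Civility row at L57 only the trailing space is dropped while `$object->getCivilityLabel()` is still printed unescaped, unlike the Login and Company rows at L21 and L46 which now go through `dol_escape_htmltag()`. If that label is sourced from a user-editable dictionary rather than only from translation files, it should be wrapped the same way, `dol_escape_htmltag($object->getCivilityLabel())`; if it is translation-only this is fine but worth a comment saying so. The enclosing `if (is_object($objcanvas) …)` block starts and ends outside these hunks, so other fields printed in the same card are not visible here.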
@ -87,9 +87,10 @@ function testSqlAndScriptInject($val, $type)
|
||||
// When it found '<script', 'javascript:', '<style', 'onload\s=' on body tag, '="&' on a tag size with old browsers
|
||||
// All examples on page: http://ha.ckers.org/xss.html#XSScalc
|
||||
// More on https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
|
||||
$inj += preg_match('/<script/i', $val);
|
||||
$inj += preg_match('/<iframe/i', $val);
|
||||
$inj += preg_match('/<audio/i', $val);
|
||||
$inj += preg_match('/<iframe/i', $val);
|
||||
$inj += preg_match('/<object/i', $val);
|
||||
$inj += preg_match('/<script/i', $val);
|
||||
$inj += preg_match('/Set\.constructor/i', $val); // ECMA script 6
|
||||
if (!defined('NOSTYLECHECK')) $inj += preg_match('/<style/i', $val);
|
||||
$inj += preg_match('/base[\s]+href/si', $val);
|
||||
|
||||
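Review bot: The new `<audio` match at L88 extends a substring denylist, and the comment block at L73-L79 should say that this function is a defense-in-depth heuristic rather than the security boundary, since the output escaping added in the same commit is what actually prevents the injection; a line such as `// Heuristic denylist only: output escaping (dol_escape_htmltag) remains the primary XSS control` above L82 would make that explicit. The `<iframe` and `<script` patterns appear twice each at L85/L91 and L82/L97; if both copies are really on the new side rather than a rendering artifact of the old/new lines, one of each is redundant. `testSqlAndScriptInject()` begins and ends outside this hunk, so how `$inj` is thresholded is not visible here.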