[WebUI] Fix encoding HTML entities for torrent attributes
Ensure all torrent attributes that might contain malicious HTML entities are encoded. Allowing HTML entities to be rendered enables malicious torrent files to perform XSS attacks. Resolves: https://dev.deluge-torrent.org/ticket/3459
This commit is contained in:
parent
f754882498
commit
a5503c0c60
|
@ -57,6 +57,7 @@ Deluge.EditTrackersWindow = Ext.extend(Ext.Window, {
|
|||
header: _('Tracker'),
|
||||
width: 0.9,
|
||||
dataIndex: 'url',
|
||||
tpl: new Ext.XTemplate('{url:htmlEncode}'),
|
||||
},
|
||||
],
|
||||
columnSort: {
|
||||
|
|
|
@ -171,5 +171,5 @@ Deluge.FilterPanel.templates = {
|
|||
tracker_host:
|
||||
'<div class="x-deluge-filter" style="background-image: url(' +
|
||||
deluge.config.base +
|
||||
'tracker/{filter});">{filter} ({count})</div>',
|
||||
'tracker/{filter});">{filter:htmlEncode} ({count})</div>',
|
||||
};
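Review bot: Only the second `{filter}` in the tracker_host template is encoded; the first occurrence, inside the `style="background-image: url(tracker/{filter});"` attribute, is still emitted raw, so a tracker host containing a double quote or `>` can still break out of the attribute even after this change. Apply the formatter to both occurrences: `'tracker/{filter:htmlEncode});">{filter:htmlEncode} ({count})</div>',`. htmlEncode is suitable for the attribute context as well because it encodes `"`; percent-encoding the path segment of the URL is a separate concern. Whether `{count}` also needs encoding depends on its type, which the hunk does not show.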
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
return String.format(
|
||||
'<div class="torrent-name x-deluge-{0}">{1}</div>',
|
||||
r.data['state'].toLowerCase(),
|
||||
value
|
||||
Ext.util.Format.htmlEncode(value)
|
||||
);
|
||||
}
|
||||
function torrentSpeedRenderer(value) {
|
||||
|
@ -62,7 +62,7 @@
|
|||
'<div style="background: url(' +
|
||||
deluge.config.base +
|
||||
'tracker/{0}) no-repeat; padding-left: 20px;">{0}</div>',
|
||||
value
|
||||
Ext.util.Format.htmlEncode(value)
|
||||
);
|
||||
}
|
||||
|
||||
|
|
|
@ -93,6 +93,9 @@ Deluge.add.AddWindow = Ext.extend(Deluge.add.Window, {
|
|||
sortable: true,
|
||||
renderer: torrentRenderer,
|
||||
dataIndex: 'text',
|
||||
tpl: new Ext.XTemplate(
|
||||
'<div class="x-deluge-add-torrent-name">{text:htmlEncode}</div>'
|
||||
),
|
||||
},
|
||||
],
|
||||
stripeRows: true,
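Review bot: This column now carries both the existing `renderer: torrentRenderer` and the new `tpl`, so there are two rendering paths declared for one column and only one of them can be in effect. If the enclosing component is an Ext.list.ListView, which renders columns through `tpl` and does not use `renderer`, the renderer entry is dead configuration and should be removed so the encoding path is the only one a maintainer sees; if the component does honour `renderer`, the encoding belongs in `torrentRenderer` instead. The enclosing component definition starts outside the hunk, so this is inferred from the column config alone.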
|
||||
|
|
|
@ -28,6 +28,7 @@ Deluge.add.FilesTab = Ext.extend(Ext.ux.tree.TreeGrid, {
|
|||
header: _('Filename'),
|
||||
width: 295,
|
||||
dataIndex: 'filename',
|
||||
tpl: new Ext.XTemplate('{filename:htmlEncode}'),
|
||||
},
|
||||
{
|
||||
header: _('Size'),
|
||||
|
|
|
@ -91,7 +91,9 @@ Deluge.details.DetailsTab = Ext.extend(Ext.Panel, {
|
|||
for (var field in this.fields) {
|
||||
if (!Ext.isDefined(data[field])) continue; // This is a field we are not responsible for.
|
||||
if (data[field] == this.oldData[field]) continue;
|
||||
this.fields[field].dom.innerHTML = Ext.escapeHTML(data[field]);
|
||||
this.fields[field].dom.innerHTML = Ext.util.Format.htmlEncode(
|
||||
data[field]
|
||||
);
|
||||
}
|
||||
this.oldData = data;
|
||||
},
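Review bot: The new `innerHTML` assignment has no comment explaining why encoding is mandatory here, and the method signature is outside the hunk, so a reader of this loop cannot tell that `data[field]` carries values originating from the torrent file. Suggest `// data[field] is torrent metadata (untrusted); always encode before writing to innerHTML` above the assignment. The commit message explains the motivation, but the code should carry it too, since a later change to `Ext.util.Format.htmlEncode` or to a direct `innerHTML` write would otherwise look harmless.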
|
||||
|
|
|
@ -18,6 +18,7 @@ Deluge.details.FilesTab = Ext.extend(Ext.ux.tree.TreeGrid, {
|
|||
header: _('Filename'),
|
||||
width: 330,
|
||||
dataIndex: 'filename',
|
||||
tpl: new Ext.XTemplate('{filename:htmlEncode}'),
|
||||
},
|
||||
{
|
||||
header: _('Size'),
|
||||
|
|
|
@ -73,7 +73,7 @@
|
|||
header: _('Client'),
|
||||
width: 125,
|
||||
sortable: true,
|
||||
renderer: fplain,
|
||||
renderer: 'htmlEncode',
|
||||
dataIndex: 'client',
|
||||
},
|
||||
{
|
||||
|
|