From 5601511ad569be9ce7d18cbae5a3e1a915af6434 Mon Sep 17 00:00:00 2001
From: Matchu
Date: Sat, 20 Oct 2012 17:56:38 -0500
Subject: [PATCH] xss vulnerability in outfits#show

This one was actually pretty darn clever - nobody's abused it, but I was reading a blog post where someone described this type of issue, I realized it was a brilliant attack, and then realized DTI was vulnerable. Oops. Thanks for the solution, Jamie! http://jamie-wong.com/2012/08/22/what-i-did-at-khan-academy/#XSS+Fix
---
 app/helpers/application_helper.rb | 4 ++++
 app/views/outfits/show.html.haml | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 63d4af2f..21ccfecd 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -129,6 +129,10 @@ module ApplicationHelper
   def return_to_field_tag
     hidden_field_tag :return_to, request.fullpath
   end
+
+  def safely_to_json(obj)
+    obj.to_json.gsub('/', '\/')
+  end
 
   def secondary_nav(&block)
     content_for :before_flashes,
diff --git a/app/views/outfits/show.html.haml b/app/views/outfits/show.html.haml
index 0a769542..207285bd 100644
--- a/app/views/outfits/show.html.haml
+++ b/app/views/outfits/show.html.haml
@@ -21,7 +21,7 @@
   #outfit-items= render @outfit.worn_items
 - content_for :javascripts do
   :javascript
-    var INITIAL_OUTFIT_DATA = #{@outfit.to_json};
+    var INITIAL_OUTFIT_DATA = #{safely_to_json @outfit};
   = include_javascript_libraries :jquery, :swfobject
   = include_javascripts :show_outfit_package
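Review bot: `safely_to_json` only neutralises the `</script>` terminator; `<`, `>`, `&` and the JavaScript line separators U+2028/U+2029 pass through untouched unless the app's `to_json` already escapes them, which this hunk cannot show (in ActiveSupport that depends on `ActiveSupport::JSON::Encoding.escape_html_entities_in_json`). Making the helper self-contained removes that dependency: `obj.to_json.gsub(%r{[<>&/]}) { |c| c == '/' ? '\/' : format('\u%04x', c.ord) }`, since `\uXXXX` escapes are valid inside JSON strings and decode to the same value; the same approach extends to the two line separators. The replacement string `'\/'` is correct because `\/` is not a `gsub` back-reference, but it reads like a typo, so a comment above the method is worth adding: `# "/" -> "\/" is still valid JSON and stops a "</script>" inside the data from closing the inline script tag.` The enclosing `ApplicationHelper` module starts and ends outside the hunk.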
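Review bot: The interpolated call on the new line is written without parentheses, `#{safely_to_json @outfit}`; `#{safely_to_json(@outfit)}` reads more clearly inside a Haml filter and matches Ruby's usual parenthesised style for calls with arguments. Separately, `to_json` on `@outfit` with no `:only`/`:except` options serialises every attribute of the model into the page source; whether any of those attributes should not be visible to the viewer cannot be judged from this hunk and is worth confirming. The `content_for :javascripts` block may continue past the last hunk line.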