forked from OpenNeo/impress
xss vulnerability in outfits#show
This one was actually pretty darn clever - nobody's abused it, but I was reading a blog post where someone described this type of issue, I realized it was a brilliant attack, and then realized DTI was vulnerable. Oops. Thanks for the solution, Jamie! http://jamie-wong.com/2012/08/22/what-i-did-at-khan-academy/#XSS+Fix
parent
671641cc16
commit
5601511ad5
2 changed files with 5 additions and 1 deletions
@ -129,6 +129,10 @@ module ApplicationHelper
def return_to_field_tag
hidden_field_tag :return_to, request.fullpath
end
def safely_to_json(obj)
obj.to_json.gsub('/', '\/')
end
def secondary_nav(&block)
content_for :before_flashes,
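Review bot: `safely_to_json` carries no comment saying what it defends against, and its name promises more than it delivers; add a doc comment above `def safely_to_json(obj)` stating that `\/` is a legal JSON escape for `/`, so the output still parses as a JavaScript object literal while a string value such as `</script>` becomes `<\/script>` and can no longer terminate the inline `<script>` element. That is the entire scope of the protection: it only matters for JSON interpolated directly into a script body, not for JSON placed in an HTML attribute or in element text, so either say so in the comment or name the method for that context (e.g. `json_for_script_tag`). An alternative that covers every `to_json` call at once is Rails' `config.active_support.escape_html_entities_in_json = true`, which encodes `<`, `>` and `&` as `\u003c`-style escapes and neutralizes the same `</script>` case.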
@ -21,7 +21,7 @@
#outfit-items= render @outfit.worn_items
- content_for :javascripts do
:javascript
var INITIAL_OUTFIT_DATA = #{@outfit.to_json};
var INITIAL_OUTFIT_DATA = #{safely_to_json @outfit};
= include_javascript_libraries :jquery, :swfobject
= include_javascripts :show_outfit_package
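Review bot: the swap to `var INITIAL_OUTFIT_DATA = #{safely_to_json @outfit};` closes the `</script>` break-out, but the line still writes every attribute that `to_json` produces for the outfit record into the page source; if the model has columns the client does not need, let the helper accept serialization options (`def safely_to_json(obj, options = {})` forwarding to `obj.to_json(options)`) and pass `only: [...]` here so the inline data stays minimal. Also worth confirming that the `:javascript` filter's `#{}` interpolation emits the string verbatim in this Haml version: if HTML escaping were applied to it, the quotes would arrive as `&quot;` and `INITIAL_OUTFIT_DATA` would no longer be valid JavaScript.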