forked from OpenNeo/impress
xss vulnerability in outfits#show
This one was actually pretty darn clever - nobody's abused it, but I was reading a blog post where someone described this type of issue, I realized it was a brilliant attack, and then realized DTI was vulnerable. Oops. Thanks for the solution, Jamie! http://jamie-wong.com/2012/08/22/what-i-did-at-khan-academy/#XSS+Fix
parent 671641cc16
commit 5601511ad5
2 changed files with 5 additions and 1 deletions
@ -129,6 +129,10 @@ module ApplicationHelper
def return_to_field_tag
def return_to_field_tag
hidden_field_tag :return_to, request.fullpath
hidden_field_tag :return_to, request.fullpath
end
end
def safely_to_json(obj)
obj.to_json.gsub('/', '\/')
end
def secondary_nav(&block)
def secondary_nav(&block)
content_for :before_flashes,
content_for :before_flashes,
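Review bot: `safely_to_json` in this hunk only neutralises the `</script>` breakout (turning `/` into `\/`, which remains valid JSON); it does not escape `<`, `>` or `&`, nor the U+2028/U+2029 line separators that are legal inside a JSON string but end a JavaScript string literal in older engines. Consider mapping `<` to `\u003c`, `>` to `\u003e` and `&` to `\u0026` as well, which is what Rails' `ERB::Util.json_escape` does, and add a comment above the method stating why the slash is escaped, because `obj.to_json.gsub('/', '\/')` reads like a no-op to anyone who has not followed the linked post. A unit test that runs a string containing `</script>` through the helper and asserts the result contains no `</script>` would keep a later refactor from silently dropping the protection.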
@ -21,7 +21,7 @@
#outfit-items= render @outfit.worn_items
#outfit-items= render @outfit.worn_items
- content_for :javascripts do
- content_for :javascripts do
:javascript
:javascript
var INITIAL_OUTFIT_DATA = #{@outfit.to_json};
var INITIAL_OUTFIT_DATA = #{safely_to_json @outfit};
= include_javascript_libraries :jquery, :swfobject
= include_javascript_libraries :jquery, :swfobject
= include_javascripts :show_outfit_package
= include_javascripts :show_outfit_package
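Review bot: the fix at `var INITIAL_OUTFIT_DATA = #{safely_to_json @outfit};` is opt-in, so the same bug returns the moment any other view interpolates `#{something.to_json}` into a `:javascript` filter without the helper; a search of the views for `.to_json` inside `:javascript` blocks belongs with this change to confirm this is the only site, and a view test that renders an outfit whose name contains `</script>` and asserts the page has no unescaped `</script>` would lock the behaviour in. A structural alternative that removes the script-context interpolation altogether is to place the JSON in a `data-` attribute on `#outfit-items` (Haml's attribute escaping covers `<`, `>`, `"` and `&`) and read it in the `show_outfit_package` script with `JSON.parse`.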