extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-12-26 16:48:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix a XSS issue in mailto temporary form post method

Browse Source
This commit is contained in:
Hadi Nategh 2015-06-09 16:14:53 +00:00
parent 2d9821ff01
commit c14a917390
2 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
phpgwapi/js/jsapi/app_base.js
View File

@ -141,7 +141,7 @@ var AppJS = Class.extend(
} }
this.et2 = et2.widgetContainer; this.et2 = et2.widgetContainer;
this._fix_iFrameScrolling(); this._fix_iFrameScrolling();
if (this.egw.is_popup()) this._set_Window_title(); if (this.egw && this.egw.is_popup()) this._set_Window_title();
}, },
/** /**

12
phpgwapi/js/jsapi/egw_open.js
View File

@ -71,9 +71,15 @@ egw.extend('open', egw.MODULE_WND_LOCAL, function(_egw, _wnd)
if (uri.length > 2083) if (uri.length > 2083)
{ {
popup = egw.open('','mail','add','','compose__','mail'); popup = egw.open('','mail','add','','compose__','mail');
// Build a temp Form and submit right away var $tmpForm = jQuery(document.createElement('form')).appendTo('body');
var $tmpForm = jQuery('<form method="post" target="'+popup.name+'" action="index.php?menuaction=mail.mail_compose.compose">\n\ var $tmpInput = jQuery(document.createElement('input')).attr({name:"preset[mailto]", type:"text", value: uri});
<input name="preset[mailto]" type="text" value="'+uri+'"></input><input type="submit"></input></form>').appendTo('body').submit(); var $tmpSubmitInput = jQuery(document.createElement('input')).attr({type:"submit"});
// Set the temporary form's attributes
$tmpForm.attr({target:popup.name, action:"index.php?menuaction=mail.mail_compose.compose", method:"post"})
.append($tmpInput)
.append($tmpSubmitInput);
$tmpForm.submit();
// Remove the form after submit
$tmpForm.remove(); $tmpForm.remove();
} }
else // simple GET request else // simple GET request