[Web] Fix XSS in app password names
This commit is contained in:
parent
f2ed26f026
commit
423ccb9ba9
@ -23,9 +23,9 @@ function app_passwd($_action, $_data = null) {
|
|||||||
}
|
}
|
||||||
switch ($_action) {
|
switch ($_action) {
|
||||||
case 'add':
|
case 'add':
|
||||||
$app_name = trim($_data['app_name']);
|
$app_name = htmlspecialchars(trim($_data['app_name']));
|
||||||
$password = $_data['app_passwd'];
|
$password = $_data['app_passwd'];
|
||||||
$password2 = $_data['app_passwd2'];
|
$password2 = $_data['app_passwd2'];
|
||||||
$active = intval($_data['active']);
|
$active = intval($_data['active']);
|
||||||
$domain = mailbox('get', 'mailbox_details', $username)['domain'];
|
$domain = mailbox('get', 'mailbox_details', $username)['domain'];
|
||||||
if (empty($domain)) {
|
if (empty($domain)) {
|
||||||
@ -94,7 +94,7 @@ function app_passwd($_action, $_data = null) {
|
|||||||
);
|
);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
$app_name = trim($app_name);
|
$app_name = htmlspecialchars(trim($app_name));
|
||||||
if (!empty($password) && !empty($password2)) {
|
if (!empty($password) && !empty($password2)) {
|
||||||
if (!preg_match('/' . $GLOBALS['PASSWD_REGEP'] . '/', $password)) {
|
if (!preg_match('/' . $GLOBALS['PASSWD_REGEP'] . '/', $password)) {
|
||||||
$_SESSION['return'][] = array(
|
$_SESSION['return'][] = array(
|
||||||
@ -198,6 +198,7 @@ function app_passwd($_action, $_data = null) {
|
|||||||
$app_passwd_data = array();
|
$app_passwd_data = array();
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
$app_passwd_data['name'] = htmlspecialchars(trim($app_passwd_data['name']));
|
||||||
return $app_passwd_data;
|
return $app_passwd_data;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -177,6 +177,7 @@ jQuery(function($){
|
|||||||
},
|
},
|
||||||
success: function (data) {
|
success: function (data) {
|
||||||
$.each(data, function (i, item) {
|
$.each(data, function (i, item) {
|
||||||
|
item.name = escapeHtml(item.name);
|
||||||
if (acl_data.app_passwds === 1) {
|
if (acl_data.app_passwds === 1) {
|
||||||
item.action = '<div class="btn-group">' +
|
item.action = '<div class="btn-group">' +
|
||||||
'<a href="/edit/app-passwd/' + item.id + '" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span> ' + lang.edit + '</a>' +
|
'<a href="/edit/app-passwd/' + item.id + '" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span> ' + lang.edit + '</a>' +
|
||||||
|
Loading…
Reference in New Issue
Block a user