Commit
Fix #13191: Prevent further XSS issues relating to PHP_SELF
Silvia Alvarez (Debian package manager for MantisBT) has performed additional testing of patch d00745f and discovered that the XSS problems surrounding the use of $_SERVER['PHP_SELF'] have not been fully fixed. The form_action_self() function also used $_SERVER['PHP_SELF'] (retrieving the basename() component of the file name). Callees of this function did not escape this file name prior to printing it in the 'action' attribute of <form> elements.

This patch swaps out PHP_SELF for SCRIPT_NAME (much safer as end users have no control over the value) and also applies escaping to the 'action' attribute of relevant <form> elements.

Refer to Debian bug report #640297 [1] and discussion on the mantisbt-dev mailing list for further details.

Thank you Sils for the detailed analysis of the problem, detailed report, proposed solutions and extensive testing of patches for the latest round of vulnerabilities discovered.

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297
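The two changes the commit message describes, shown side by side as an added illustration (this is not MantisBT's code; the function bodies, the attr() helper standing in for the project's escaping routine, and the simulated $_SERVER values are assumptions constructed for the example). It shows why basename() on PHP_SELF is not enough on its own: whatever the client appends after the script name becomes the last path component, so it survives basename() and, unescaped, terminates the action attribute. Reading SCRIPT_NAME removes client influence over the value, and escaping at the point of output closes the attribute context regardless of where the value came from.

```php
<?php
// Added example, not MantisBT's code. Demonstrates the PHP_SELF vs SCRIPT_NAME
// difference and the effect of escaping the <form action> attribute.

// Constructed server variables so the script runs offline from the CLI.
// PHP_SELF reflects extra path segments appended by the client (PATH_INFO),
// so its value is client-influenced. SCRIPT_NAME is the path of the script
// the server actually executed and is not client-controlled.
$_SERVER['SCRIPT_NAME'] = '/mantis/view_all_bug_page.php';
$_SERVER['PHP_SELF']    = '/mantis/view_all_bug_page.php/"><i>extra</i>';

// Before: hypothetical reconstruction of the pattern the commit describes.
// basename() keeps only the last path component, which here is the
// client-supplied segment rather than the script file name.
function form_action_self_before() {
    return basename( $_SERVER['PHP_SELF'] );
}

// After: read SCRIPT_NAME instead. Callers are still expected to escape.
function form_action_self_after() {
    return basename( $_SERVER['SCRIPT_NAME'] );
}

// Attribute escaping helper (assumption; stands in for the project's own
// escaping function). ENT_QUOTES covers both quote styles an attribute may use.
function attr( $p_string ) {
    return htmlspecialchars( $p_string, ENT_QUOTES, 'UTF-8' );
}

// Vulnerable rendering: value from PHP_SELF, written into the attribute raw.
function render_form_before() {
    return '<form action="' . form_action_self_before() . '" method="post">';
}

// Hardened rendering: value from SCRIPT_NAME and escaped at the output point.
function render_form_after() {
    return '<form action="' . attr( form_action_self_after() ) . '" method="post">';
}

// Defensive check a reviewer can apply to any rendered attribute: the value
// between the quotes must contain no raw '"' or '<' once it is in the markup.
function attribute_is_intact( $p_tag ) {
    if ( !preg_match( '/action="([^"]*)"/', $p_tag, $t_m ) ) {
        return false;
    }
    return strpos( $t_m[1], '<' ) === false && $t_m[1] === form_action_self_after();
}

echo render_form_before(), "\n";
echo render_form_after(), "\n";
echo 'before intact: ', var_export( attribute_is_intact( render_form_before() ), true ), "\n";
echo 'after intact:  ', var_export( attribute_is_intact( render_form_after() ), true ), "\n";
```

Run with `php` on the command line. The first rendered tag shows the injected segment closing the action attribute early, and attribute_is_intact() reports false for it; the second emits the plain script file name and passes the check. Note that the check is a regression aid for a known pattern, not a general XSS detector; the durable fix is the combination in render_form_after() of a non-client-controlled source and context-appropriate escaping at output.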
1 parent: cb74408. Commit: e679a1c.
Showing 8 changed files with 9 additions and 8 deletions.