author | Jack Magne <jmagne@localhost.localdomain> | 2015-05-12 13:49:00 -0700 |
---|---|---|
committer | Jack Magne <jmagne@localhost.localdomain> | 2015-05-15 17:07:35 -0700 |
commit | dd4926b4083bcd8898aef703e316403036ce581b (patch) | |
tree | 6fdb34850e94f2fe13ac5ebf74b1a713bb188260 /base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java | |
parent | c0d14140aca982ac637d5fd34f1c3ddb23836867 (diff) | |
Fix XSS attacks on the dogtag administration page #1373.
Porting this set of fixes over from last downstream release upstream.
Upon further review, decided to fix a few missing things pointed out by the code review and a few other things:
1. There were too many copies of escapeJavaScriptString all over the place. Consolidated the two related methods, "escapeJavaScriptString" and "escapeJavaScriptStringHTML", in the CMSTemplate class so that they are called everywhere. Removed the duplicated methods in other classes.
2. There were some places where "escapeJavaScriptString" was called, when we really wanted "escapeJavaScriptStringHTML". Fixed that everywhere. One reason for this is a copied version of "escapeJavaScriptString" actually was identical to CMSTemplate.escapeJavaScriptString, which has been removed.
XSS fixes.
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java')
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java b/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
index 7b5343000..7ae623f32 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
@@ -44,6 +44,7 @@ import com.netscape.certsrv.request.IRequestQueue;
 import com.netscape.certsrv.template.ArgList;
 import com.netscape.certsrv.template.ArgSet;
 import com.netscape.cms.servlet.common.CMSRequest;
+import com.netscape.cms.servlet.common.CMSTemplate;
 
 /**
 * Toggle the approval state of a profile
@@ -359,14 +360,14 @@ public class ProfileApproveServlet extends ProfileServlet {
 args.set(ARG_ERROR_CODE, "1");
 args.set(ARG_ERROR_REASON, e.toString());
 args.set(ARG_ERROR_REASON, CMS.getUserMessage(locale,
- "CMS_PROFILE_NOT_FOUND", profileId));
+ "CMS_PROFILE_NOT_FOUND", CMSTemplate.escapeJavaScriptStringHTML(profileId)));
 outputTemplate(request, response, args);
 return;
 }
 if (profile == null) {
 args.set(ARG_ERROR_CODE, "1");
 args.set(ARG_ERROR_REASON, CMS.getUserMessage(locale,
- "CMS_PROFILE_NOT_FOUND", profileId));
+ "CMS_PROFILE_NOT_FOUND", CMSTemplate.escapeJavaScriptStringHTML(profileId)));
 outputTemplate(request, response, args);
 return;
 }
|
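Review bot: In the catch branch of the second hunk, `args.set(ARG_ERROR_REASON, e.toString());` still stores the raw exception text under the same key that receives the escaped message on the very next line. If `ArgSet.set` replaces the earlier value (its implementation is not visible here), that line is dead and can be deleted; if it does not, the exception text, which may echo the requested profile id, reaches the template without escaping. Either drop the line or wrap it, e.g. `args.set(ARG_ERROR_REASON, CMSTemplate.escapeJavaScriptStringHTML(e.toString()));`. The escaped `profileId` expression is also repeated in both error branches, so computing it once before the lookup would keep the two paths from drifting apart. The enclosing method starts and ends outside the hunk.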