Changeset 2548

Timestamp:

04/21/08 13:47:53 (5 months ago)

Author:

Geert

Message:

Security update to prevent XSS.
See: http://forum.kohanaphp.com/comments.php?DiscussionID=352

Location:

trunk/system

Files:

• helpers/form.php (modified) (1 diff)
• views/kohana_error_disabled.php (modified) (1 diff)
• views/kohana_error_page.php (modified) (1 diff)

trunk/system/helpers/form.php

@@ -34 +34 @@
                 {
                         // Use the current URL as the default action
-                        $action = url::site(Router::$current_uri);
+                        // Apply htmlspecialchars to current URI to prevent XSS
+                        $action = url::site(html::specialchars(Router::$current_uri));
                 }
                 elseif (strpos($action, '://') === FALSE)

trunk/system/views/kohana_error_disabled.php

@@ -10 +10 @@
 </style>
 <div id="framework_error" style="width:24em;margin:50px auto;">
-<h3><?php echo $error ?></h3>
-<p style="text-align:center"><?php echo $message ?></p>
+<h3><?php echo html::specialchars($error) ?></h3>
+<p style="text-align:center"><?php echo html::specialchars($message) ?></p>
 </div>
 </body>

trunk/system/views/kohana_error_page.php

@@ -11 +11 @@
 </style>
 <div id="framework_error" style="width:42em;margin:20px auto;">
-<h3><?php echo $error ?></h3>
-<p><?php echo $description ?></p>
+<h3><?php echo html::specialchars($error) ?></h3>
+<p><?php echo html::specialchars($description) ?></p>
 <?php if ( ! empty($line) AND ! empty($file)): ?>
 <p><?php echo Kohana::lang('core.error_file_line', $file, $line) ?></p>
 <?php endif ?>
-<p><code class="block"><?php echo $message ?></code></p>
+<p><code class="block"><?php echo html::specialchars($message) ?></code></p>
 <?php if ( ! empty($trace)): ?>
 <h3><?php echo Kohana::lang('core.stack_trace') ?></h3>