Bug 16958: Fix XSS in opac-imageviewer.pl

Test plan:
Trigger
/opac-imageviewer.pl?biblionumber=14&imagenumber=7"><sCrIpT>alert(42)<%2fsCrIpT>

=> Without this patch you will see the JS alert
=> With this patch applied you won't see it

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart 2016-07-22 08:14:27 +01:00 committed by Kyle M Hall
parent 87d96b973a
commit 65918b146c


@ -84,7 +84,7 @@
<div class="span9">
<div id="imageviewer">
<div id="largeCover">
<img id="largeCoverImg" alt="" src="/cgi-bin/koha/opac-image.pl?imagenumber=[% imagenumber %]" />
<img id="largeCoverImg" alt="" src="/cgi-bin/koha/opac-image.pl?imagenumber=[% imagenumber | url %]" />
</div>
</div> <!-- / #imageviewer -->
</div> <!-- / .span12 -->
@ -94,7 +94,7 @@
<div id="thumbnails">
[% FOREACH img IN images %]
[% IF img %]
<a href="/cgi-bin/koha/opac-imageviewer.pl?biblionumber=[% biblionumber %]&amp;imagenumber=[% img %]" onclick="showCover([% img %]); return false;">
<a href="/cgi-bin/koha/opac-imageviewer.pl?biblionumber=[% biblionumber | url %]&amp;imagenumber=[% img %]" onclick="showCover([% img %]); return false;">
[% IF ( imagenumber == img ) %]
<img class="thumbnail selected" id="[% img %]" src="/cgi-bin/koha/opac-image.pl?imagenumber=[% img %]&amp;thumbnail=1" alt="Thumbnail"/>
[% ELSE %]
@ -120,7 +120,7 @@
//<![CDATA[
$(document).ready(function(){
$("#largeCoverImg").attr("src","[% interface %]/[% theme %]/images/loading.gif");
showCover([% imagenumber %]);
showCover([% imagenumber | html %]);
});
function showCover(img) {