From f01c8ec4f1324ed8b68e912220735af96c86883c Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Sun, 17 Mar 2013 14:55:55 +0400 Subject: [PATCH] prevent absolutely useless 'exploit' (not really) while editing filters (closes #572) --- classes/pref/filters.php | 2 +- js/functions.js | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/classes/pref/filters.php b/classes/pref/filters.php index 74a29c619..20abae1d0 100644 --- a/classes/pref/filters.php +++ b/classes/pref/filters.php @@ -372,7 +372,7 @@ class Pref_Filters extends Handler_Protected { WHERE id = ".(int)$rule["filter_type"]); $match_on = db_fetch_result($result, 0, "description"); - return T_sprintf("%s on %s in %s", $rule["reg_exp"], $match_on, $feed); + return T_sprintf("%s on %s in %s", strip_tags($rule["reg_exp"]), $match_on, $feed); } function printRuleName() { diff --git a/js/functions.js b/js/functions.js index 72f72ddaa..e00690c1c 100644 --- a/js/functions.js +++ b/js/functions.js @@ -964,6 +964,8 @@ function createNewRuleElement(parentNode, replaceNode) { try { var form = document.forms["filter_new_rule_form"]; + form.reg_exp.value = form.reg_exp.value.replace(/(<([^>]+)>)/ig,""); + var query = "backend.php?op=pref-filters&method=printrulename&rule="+ param_escape(dojo.formToJson(form));