Escape potentially malicious fields.

I don't think the comment or email fields will be an issue.
2014-05-07 23:11:50 -07:00 · 2014-05-07 23:11:50 -07:00 · 3f69b4d791
commit 3f69b4d791
parent fd2992c831
4 changed files with 31 additions and 5 deletions
--- a/2
+++ b/2
@ -1,5 +1,5 @@
 /*
-* appchan x - Version 2.9.25 - 2014-05-05
+* appchan x - Version 2.9.25 - 2014-05-07
 *
 * Licensed under the MIT license.
 * https://github.com/zixaphir/appchan-x/blob/master/LICENSE
--- a/builds/appchan-x.user.js
+++ b/builds/appchan-x.user.js
@ -25,7 +25,7 @@
 // ==/UserScript==

 /*
-* appchan x - Version 2.9.25 - 2014-05-05
+* appchan x - Version 2.9.25 - 2014-05-07
 *
 * Licensed under the MIT license.
 * https://github.com/zixaphir/appchan-x/blob/master/LICENSE
@ -5791,7 +5791,7 @@
      return path;
    },
    postFromObject: function(data, boardID) {
-      var o;
+      var key, o, safetyBuffer, _i, _len, _ref;
      o = {
        postID: data.no,
        threadID: data.resto || data.no,
@ -5810,6 +5810,16 @@
        isSticky: !!data.sticky,
        isClosed: !!data.closed
      };
+      safetyBuffer = $.el('div');
+      _ref = ['name', 'subject'];
+      for (_i = 0, _len = _ref.length; _i < _len; _i++) {
+        key = _ref[_i];
+        if (!o[key]) {
+          continue;
+        }
+        safetyBuffer.textContent = o[key];
+        o[key] = safetyBuffer.innerHTML;
+      }
      if (data.ext || data.filedeleted) {
        o.file = {
          name: data.filename + data.ext,
--- a/builds/crx/script.js
+++ b/builds/crx/script.js
@ -1,6 +1,6 @@
 // Generated by CoffeeScript
 /*
-* appchan x - Version 2.9.25 - 2014-05-05
+* appchan x - Version 2.9.25 - 2014-05-07
 *
 * Licensed under the MIT license.
 * https://github.com/zixaphir/appchan-x/blob/master/LICENSE
@ -5849,7 +5849,7 @@
      return path;
    },
    postFromObject: function(data, boardID) {
-      var o;
+      var key, o, safetyBuffer, _i, _len, _ref;
      o = {
        postID: data.no,
        threadID: data.resto || data.no,
@ -5868,6 +5868,16 @@
        isSticky: !!data.sticky,
        isClosed: !!data.closed
      };
+      safetyBuffer = $.el('div');
+      _ref = ['name', 'subject'];
+      for (_i = 0, _len = _ref.length; _i < _len; _i++) {
+        key = _ref[_i];
+        if (!o[key]) {
+          continue;
+        }
+        safetyBuffer.textContent = o[key];
+        o[key] = safetyBuffer.innerHTML;
+      }
      if (data.ext || data.filedeleted) {
        o.file = {
          name: data.filename + data.ext,
--- a/src/General/Build.coffee
+++ b/src/General/Build.coffee
@ -42,6 +42,12 @@ Build =
      isSticky: !!data.sticky
      isClosed: !!data.closed
      # file
+
+    safetyBuffer = $.el 'div'
+    for key in ['name', 'subject'] when o[key]
+      safetyBuffer.textContent = o[key]
+      o[key] = safetyBuffer.innerHTML
+
    if data.ext or data.filedeleted
      o.file =
        name:      data.filename + data.ext