Posted to commits@sling.apache.org by ra...@apache.org on 2015/05/13 15:18:26 UTC
svn commit: r1679204 - in /sling/trunk/bundles/extensions/xss/src:
main/java/org/apache/sling/xss/impl/XSSAPIImpl.java
test/java/org/apache/sling/xss/impl/XSSAPIImplTest.java
Author: radu
Date: Wed May 13 13:18:25 2015
New Revision: 1679204
URL: http://svn.apache.org/r1679204
Log:
SLING-4525 - XSS protection path mangling issue
* Added proper encoding for colons in query string
* Added testcases based on Georg Koester's patch
(patch provided by Vlad Bailescu; closes #80)
Modified:
sling/trunk/bundles/extensions/xss/src/main/java/org/apache/sling/xss/impl/XSSAPIImpl.java
sling/trunk/bundles/extensions/xss/src/test/java/org/apache/sling/xss/impl/XSSAPIImplTest.java
Modified: sling/trunk/bundles/extensions/xss/src/main/java/org/apache/sling/xss/impl/XSSAPIImpl.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/xss/src/main/java/org/apache/sling/xss/impl/XSSAPIImpl.java?rev=1679204&r1=1679203&r2=1679204&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/xss/src/main/java/org/apache/sling/xss/impl/XSSAPIImpl.java (original)
+++ sling/trunk/bundles/extensions/xss/src/main/java/org/apache/sling/xss/impl/XSSAPIImpl.java Wed May 13 13:18:25 2015
@@ -167,6 +167,10 @@ public class XSSAPIImpl implements XSSAP
.replaceAll("<", "%3C")
.replaceAll("`", "%60")
.replaceAll(" ", "%20");
+ int qMarkIx = encodedUrl.indexOf('?');
+ if (qMarkIx > 0) {
+ encodedUrl = encodedUrl.substring(0, qMarkIx) + encodedUrl.substring(qMarkIx).replaceAll(":", "%3A");
+ }
String testHtml = LINK_PREFIX + mangleNamespaces(encodedUrl) + LINK_SUFFIX;
// replace all & with & because filterHTML will also apply this encoding
testHtml = testHtml.replaceAll("&(?!amp)", "&");
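Review bot: The guard `if (qMarkIx > 0)` skips a query-only relative reference such as `?0_tag:id=test`, where `?` sits at index 0, so its colons still reach `mangleNamespaces(encodedUrl)` and get path-mangled — the exact case SLING-4525 is fixing; the condition should be `if (qMarkIx >= 0) {`. Because the branch slices from the first `?` to the end, a fragment after a query is covered, but a URL with a fragment and no query (`/a#b:c`) is not — whether colons there are also mangled depends on `mangleNamespaces`, which is outside this hunk, so worth a test either way. Since `":"` is a literal and this runs per call, `.replace(":", "%3A")` avoids the regex compile that `replaceAll` incurs, matching the intent without a pattern. The enclosing method starts before and ends after this hunk, so the value of `encodedUrl` entering the chain is not visible here.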
Modified: sling/trunk/bundles/extensions/xss/src/test/java/org/apache/sling/xss/impl/XSSAPIImplTest.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/xss/src/test/java/org/apache/sling/xss/impl/XSSAPIImplTest.java?rev=1679204&r1=1679203&r2=1679204&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/xss/src/test/java/org/apache/sling/xss/impl/XSSAPIImplTest.java (original)
+++ sling/trunk/bundles/extensions/xss/src/test/java/org/apache/sling/xss/impl/XSSAPIImplTest.java Wed May 13 13:18:25 2015
@@ -252,6 +252,16 @@ public class XSSAPIImplTest {
// `
{"/test/ab`cd", "/test/ab%60cd"},
{"http://localhost:4502/test/ab`cd", "http://localhost:4502/test/ab%60cd"},
+ // colons in query string
+ {"/test/search.html?0_tag:id=test", "/test/search.html?0_tag%3Aid=test"},
+ { // JCR namespaces and colons in query string
+ "/test/jcr:content/search.html?0_tag:id=test",
+ "/test/_jcr_content/search.html?0_tag%3Aid=test"
+ },
+ { // ? in query string
+ "/test/search.html?0_tag:id=test?ing&1_tag:id=abc",
+ "/test/search.html?0_tag%3Aid=test?ing&1_tag%3Aid=abc",
+ }
};
for (String[] aTestData : testData) {