List: kde-commits
Subject: [kdepimlibs] akonadi/contact: Fix XSS issue in the contact viewer
From: Tobias Koenig <tokoe () kde ! org>
Date: 2012-10-13 9:58:14
Message-ID: 20121013095814.3B6B3A6078 () git ! kde ! org
Git commit d5bb7c20544170e06ecaaeb21c747c3b8905fc63 by Tobias Koenig.
Committed on 13/10/2012 at 11:56.
Pushed by tokoe into branch 'master'.
Fix XSS issue in the contact viewer
This was not really a security risk, since the used QTextBrowser has no way to \
access the network automatically, but fixing it right now makes it future-proof.
BUGS: 305169
M +13 -12 akonadi/contact/standardcontactformatter.cpp
http://commits.kde.org/kdepimlibs/d5bb7c20544170e06ecaaeb21c747c3b8905fc63
diff --git a/akonadi/contact/standardcontactformatter.cpp \
b/akonadi/contact/standardcontactformatter.cpp
index 1437f6b..683352c 100644
--- a/akonadi/contact/standardcontactformatter.cpp
+++ b/akonadi/contact/standardcontactformatter.cpp
@@ -30,6 +30,7 @@
#include <kstringhandler.h>
#include <QtCore/QSet>
+#include <QtGui/QTextDocument>
using namespace Akonadi;
@@ -109,9 +110,9 @@ QString StandardContactFormatter::toHtml( HtmlForm form ) const
QString url;
if ( number.type() & KABC::PhoneNumber::Cell ) {
- url = QString::fromLatin1( "<a href=\"phone:?index=%1\">%2</a> (<a \
href=\"sms:?index=%1\">SMS</a>)" ).arg( counter ).arg( number.number() );
+ \
url = QString::fromLatin1( "<a href=\"phone:?index=%1\">%2</a> (<a \
href=\"sms:?index=%1\">SMS</a>)" ).arg( counter ).arg( Qt::escape( number.number() ) \
);
 } else {
- url = QString::fromLatin1( "<a href=\"phone:?index=%1\">%2</a>" ).arg( \
counter ).arg( number.number() );
+ url = QString::fromLatin1( "<a \
href=\"phone:?index=%1\">%2</a>" ).arg( counter ).arg( Qt::escape( number.number() ) \
);
 }
counter++;
@@ -123,7 +124,7 @@ QString StandardContactFormatter::toHtml( HtmlForm form ) const
// EMails
foreach ( const QString &email, rawContact.emails() ) {
- QString type = i18nc( "a contact's email address", "Email" );
+ const QString type = i18nc( "a contact's email address", "Email" );
const QString fullEmail = QString::fromLatin1( KUrl::toPercentEncoding( \
rawContact.fullEmail( email ) ) );
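Review bot: Percent-encoding `fullEmail` with `KUrl::toPercentEncoding` protects only the mailto href; the display value `email` from the foreach is not escaped anywhere in this hunk, and if it is interpolated as the anchor's visible text further down (the foreach body continues past the end of the hunk) it needs `Qt::escape( email )` like the other fields in this commit. The only change the hunk itself makes is the `const` on `type`, so this would be a gap the commit leaves rather than one it introduces. I cannot see the line that builds the mailto anchor from here, so please confirm against the rest of the loop.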
@@ -139,14 +140,14 @@ QString StandardContactFormatter::toHtml( HtmlForm form ) const
url = QLatin1String( "http://" ) + url;
}
- url = KStringHandler::tagUrls( url );
+ url = KStringHandler::tagUrls( Qt::escape( url ) );
dynamicPart += rowFmtStr.arg( i18n( "Homepage" ) ).arg( url );
}
// Blog Feed
const QString blog = rawContact.custom( QLatin1String( "KADDRESSBOOK" ), \
QLatin1String( "BlogFeed" ) );
 if ( !blog.isEmpty() ) {
- dynamicPart += rowFmtStr.arg( i18n( "Blog Feed" ) ).arg( \
KStringHandler::tagUrls( blog ) );
+ dynamicPart += rowFmtStr.arg( i18n( "Blog \
Feed" ) ).arg( KStringHandler::tagUrls( Qt::escape( blog ) ) );
 }
// Addresses
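Review bot: Nothing in this hunk restricts the scheme of the Homepage or BlogFeed value before `KStringHandler::tagUrls` turns it into an anchor; the `http://` prefix on the first line is applied only under a condition that starts above the hunk, so a stored value with another scheme would be tagged as-is. Escaping with `Qt::escape` before tagging is the right order for the attribute context, but it does not stop a non-http link; consider checking `KUrl( url ).protocol()` against `http`/`https` before the `tagUrls` call on both the Homepage and BlogFeed lines, and leaving non-matching values as escaped plain text. Whether `tagUrls` itself only recognises a fixed set of schemes I cannot tell from here, so verify before relying on it. A side effect of escaping first is that an `&` inside a query string reaches the tagger as `&amp;`, which may shorten the tagged link if its pattern stops at `;`; worth a quick test with a URL carrying two query parameters.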
@@ -155,9 +156,9 @@ QString StandardContactFormatter::toHtml( HtmlForm form ) const
QString formattedAddress;
if ( address.label().isEmpty() ) {
- formattedAddress = address.formattedAddress().trimmed();
+ formattedAddress = Qt::escape( address.formattedAddress().trimmed() );
} else {
- formattedAddress = address.label();
+ formattedAddress = Qt::escape( address.label() );
}
formattedAddress = formattedAddress.replace( QLatin1Char( '\n' ), QLatin1String( \
"<br>" ) );
@@ -176,7 +177,7 @@ QString StandardContactFormatter::toHtml( HtmlForm \
form ) const
 // Note
QString notes;
if ( !rawContact.note().isEmpty() ) {
- notes = rowFmtStr.arg( i18n( "Notes" ) ).arg( rawContact.note().replace( \
QLatin1Char( '\n' ), QLatin1String( "<br>" ) ) ) ;
+ notes = rowFmtStr.arg( i18n( \
"Notes" ) ).arg( Qt::escape( rawContact.note() ).replace( QLatin1Char( '\n' ), \
QLatin1String( "<br>" ) ) ) ;
 }
// Custom Data
@@ -256,7 +257,7 @@ QString StandardContactFormatter::toHtml( HtmlForm form ) const
}
}
- customData += rowFmtStr.arg( key ).arg( value ) ;
+ customData += rowFmtStr.arg( key ).arg( Qt::escape( value ) ) ;
}
}
}
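Review bot: On the changed line `key` still goes into `rowFmtStr` unescaped while `value` now does; `key` is computed above the hunk, and if it comes from a custom-field title supplied with the contact data it needs the same treatment, e.g. `customData += rowFmtStr.arg( Qt::escape( key ) ).arg( Qt::escape( value ) ) ;`. If `key` is always one of the fixed translated titles the extra escape is harmless, so escaping it is the safer default either way. The enclosing loop starts outside the hunk.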
@@ -286,9 +287,9 @@ QString StandardContactFormatter::toHtml( HtmlForm form ) const
"<td align=\"left\" width=\"70%\">%4</td>" // organization
"</tr>")
.arg( QLatin1String( "contact_photo" ) )
- .arg( rawContact.realName() )
- .arg( role )
- .arg( rawContact.organization() );
+ .arg( Qt::escape( rawContact.realName() ) )
+ .arg( Qt::escape( role ) )
+ .arg( Qt::escape( rawContact.organization() ) );
strAddr.append( dynamicPart );
strAddr.append( notes );
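Review bot: The chained `.arg()` calls on a template with `%1`…`%4` let a literal `%3` or `%4` inside `rawContact.realName()` be replaced by `role` or `organization` on the next call, because each `.arg()` rescans the whole string for the lowest remaining placeholder, and `Qt::escape` does not touch `%`. Use the multi-argument overload so all four values are substituted in one pass: `.arg( QLatin1String( "contact_photo" ), Qt::escape( rawContact.realName() ), Qt::escape( role ), Qt::escape( rawContact.organization() ) )`. The template's opening lines and the definition of `role` are above the hunk.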