From 8dd172a5b0e8050dc109b6bdb5850e5eef6d7a84 Mon Sep 17 00:00:00 2001 From: alecpl Date: Tue, 9 Aug 2011 18:40:42 +0000 Subject: - Fix XSS vulnerability in UI messages (#1488030) --- program/include/rcube_json_output.php | 9 ++++++++- program/include/rcube_template.php | 9 ++++++++- 2 files changed, 16 insertions(+), 2 deletions(-) (limited to 'program') diff --git a/program/include/rcube_json_output.php b/program/include/rcube_json_output.php index 40a7b2a5e..ade9cc033 100644 --- a/program/include/rcube_json_output.php +++ b/program/include/rcube_json_output.php @@ -174,8 +174,15 @@ class rcube_json_output public function show_message($message, $type='notice', $vars=null, $override=true, $timeout=0) { if ($override || !$this->message) { + if (rcube_label_exists($message)) { + if (!empty($vars)) + $vars = array_map('Q', $vars); + $msgtext = rcube_label(array('name' => $message, 'vars' => $vars)); + } + else + $msgtext = $message; + $this->message = $message; - $msgtext = rcube_label_exists($message) ? rcube_label(array('name' => $message, 'vars' => $vars)) : $message; $this->command('display_message', $msgtext, $type, $timeout * 1000); } } diff --git a/program/include/rcube_template.php b/program/include/rcube_template.php index 6228e7659..b9a43d3f1 100755 --- a/program/include/rcube_template.php +++ b/program/include/rcube_template.php @@ -248,8 +248,15 @@ class rcube_template extends rcube_html_page public function show_message($message, $type='notice', $vars=null, $override=true, $timeout=0) { if ($override || !$this->message) { + if (rcube_label_exists($message)) { + if (!empty($vars)) + $vars = array_map('Q', $vars); + $msgtext = rcube_label(array('name' => $message, 'vars' => $vars)); + } + else + $msgtext = $message; + $this->message = $message; - $msgtext = rcube_label_exists($message) ? rcube_label(array('name' => $message, 'vars' => $vars)) : $message; $this->command('display_message', $msgtext, $type, $timeout * 1000); } } -- cgit v1.2.3