
Commit 77eb044

committed
fix Self XSS by injecting data attribute #727
1 parent eb85cf1 commit 77eb044

7 files changed

+28
-18
lines changed

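--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 2.31.1
+### Bugfix
+* fixing low severity self XSS with potential more security implications [#727](https://github.com/jcubic/jquery.terminal/issues/727)
+
 ## 2.31.0
 ### Breaking
 * remove undocumented `echo_command` (that was used by old `echo_newline` extension)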

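--- a/js/jquery.terminal-2.31.0.js
+++ b/js/jquery.terminal-2.31.0.js
@@ -41,7 +41,7 @@
 *
 * broken image by Sophia Bai from the Noun Project (CC-BY)
 *
-* Date: Mon, 27 Dec 2021 10:26:13 +0000
+* Date: Thu, 30 Dec 2021 10:53:02 +0000
 */
 /* global define, Map */
 /* eslint-disable */
@@ -5130,7 +5130,7 @@
 // -------------------------------------------------------------------------
 $.terminal = {
 version: '2.31.0',
-date: 'Mon, 27 Dec 2021 10:26:13 +0000',
+date: 'Thu, 30 Dec 2021 10:53:02 +0000',
 // colors from https://www.w3.org/wiki/CSS/Properties/color/keywords
 color_names: [
 'transparent', 'currentcolor', 'black', 'silver', 'gray', 'white',
@@ -6180,7 +6180,9 @@
 return text;
 } else {
 return data.replace(/]/g, ']')
-.replace(/>/g, '&gt;').replace(/</g, '&lt;');
+.replace(/>/g, '&gt;')
+.replace(/</g, '&lt;')
+.replace(/"/g, '&quot;');
 }
 }
 // -----------------------------------------------------------------
@@ -6365,7 +6367,7 @@
 } else if (style.indexOf('@') !== -1) {
 result += ' data-text/>';
 } else {
-result += ' data-text="' + data.replace(/"/g, '&quot;') + '">' +
+result += ' data-text="' + data + '">' +
 '<span>' + text + '</span></span>';
 }
 return result;
@@ -6386,7 +6388,7 @@
 } else {
 text = safe(text);
 text = text.replace(/\\\]/, '&#93;');
-var data = text;
+var data = clean_data(text);
 var extra = extra_css(text, settings);
 var prefix;
 if (extra.length) {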
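Review bot: The new `result += ' data-text="' + data + '">'` at 6370 removes the attribute-context escape at the point of insertion, so the attribute is only safe when every assignment to `data` goes through `clean_data`; the hunk at 6391 covers one such assignment, but the enclosing function starts and ends outside these hunks and its other branches are not visible here, so confirm no remaining path leaves `data` as raw `text`. The escape chain changed at 6180 (presumably the body of `clean_data`) handles `<`, `>` and `"` after decoding `&#93;` but not `&` or `'`, which is enough for a double-quoted attribute but leaves the escape set spread across a hand-maintained regex chain, the same shape in which the `"` case was originally missed; a single shared attribute-escape helper would make the contract explicit. The `if` branch at 6180 still returns `text` unescaped under a condition outside the hunk, so it is worth confirming that branch cannot be reached with user-controlled content. I would add `// data is already attribute-escaped by clean_data(); never insert raw text here` above the 6370 line. The identical hunks in js/jquery.terminal-src.js and js/jquery.terminal.js carry the same point.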

js/jquery.terminal-2.31.0.min.js

Lines changed: 2 additions & 2 deletions

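--- a/js/jquery.terminal-src.js
+++ b/js/jquery.terminal-src.js
@@ -6180,7 +6180,9 @@
 return text;
 } else {
 return data.replace(/&#93;/g, ']')
-.replace(/>/g, '&gt;').replace(/</g, '&lt;');
+.replace(/>/g, '&gt;')
+.replace(/</g, '&lt;')
+.replace(/"/g, '&quot;');
 }
 }
 // -----------------------------------------------------------------
@@ -6365,7 +6367,7 @@
 } else if (style.indexOf('@') !== -1) {
 result += ' data-text/>';
 } else {
-result += ' data-text="' + data.replace(/"/g, '&quot;') + '">' +
+result += ' data-text="' + data + '">' +
 '<span>' + text + '</span></span>';
 }
 return result;
@@ -6386,7 +6388,7 @@
 } else {
 text = safe(text);
 text = text.replace(/\\\]/, '&#93;');
-var data = text;
+var data = clean_data(text);
 var extra = extra_css(text, settings);
 var prefix;
 if (extra.length) {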

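--- a/js/jquery.terminal.js
+++ b/js/jquery.terminal.js
@@ -41,7 +41,7 @@
 *
 * broken image by Sophia Bai from the Noun Project (CC-BY)
 *
-* Date: Mon, 27 Dec 2021 10:26:13 +0000
+* Date: Thu, 30 Dec 2021 10:53:02 +0000
 */
 /* global define, Map */
 /* eslint-disable */
@@ -5130,7 +5130,7 @@
 // -------------------------------------------------------------------------
 $.terminal = {
 version: '2.31.0',
-date: 'Mon, 27 Dec 2021 10:26:13 +0000',
+date: 'Thu, 30 Dec 2021 10:53:02 +0000',
 // colors from https://www.w3.org/wiki/CSS/Properties/color/keywords
 color_names: [
 'transparent', 'currentcolor', 'black', 'silver', 'gray', 'white',
@@ -6180,7 +6180,9 @@
 return text;
 } else {
 return data.replace(/&#93;/g, ']')
-.replace(/>/g, '&gt;').replace(/</g, '&lt;');
+.replace(/>/g, '&gt;')
+.replace(/</g, '&lt;')
+.replace(/"/g, '&quot;');
 }
 }
 // -----------------------------------------------------------------
@@ -6365,7 +6367,7 @@
 } else if (style.indexOf('@') !== -1) {
 result += ' data-text/>';
 } else {
-result += ' data-text="' + data.replace(/"/g, '&quot;') + '">' +
+result += ' data-text="' + data + '">' +
 '<span>' + text + '</span></span>';
 }
 return result;
@@ -6386,7 +6388,7 @@
 } else {
 text = safe(text);
 text = text.replace(/\\\]/, '&#93;');
-var data = text;
+var data = clean_data(text);
 var extra = extra_css(text, settings);
 var prefix;
 if (extra.length) {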

js/jquery.terminal.min.js

Lines changed: 2 additions & 2 deletions

js/jquery.terminal.min.js.map

Lines changed: 1 addition & 1 deletion
