Thomas De Schampheleire
changeset: fix XSS vulnerability in parent-child navigation

The 'Parent Rev.' - 'Child Rev.' links on changesets and in the file browser
normally immediately jump to the correct revision upon click. But, if there
are multiple candidates, e.g. two children of a commit, then a list of
revisions is shown as hyperlinks instead.

These hyperlinks have a 'title' attribute containing the full commit message
of the corresponding commit. When this commit message contained characters
special to HTML, like ", >, etc., they were added literally to the HTML code.

This can lead to a cross-site scripting (XSS) vulnerability when an attacker
has write access to a repository. They could craft a special commit message
that would introduce HTML and/or JavaScript code when the commit is listed
in such 'parent-child' navigation links.

Escape the commit message before using it further.
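@ECHO OFF

REM Command file for Sphinx documentation.
REM
REM Usage:  make.bat TARGET
REM         Run without arguments, or with "help", to list the targets.
REM
REM Environment variables honoured:
REM   SPHINXBUILD  sphinx-build executable, defaults to "sphinx-build" on PATH
REM   SPHINXOPTS   extra options appended to every sphinx-build invocation
REM   PAPER        LaTeX paper size, a4 or letter, used by the latex target
REM
REM Exit status: 0 on success, 1 when sphinx-build fails, when the
REM sphinx-build command cannot be found, or when TARGET is unknown.
REM Each sphinx-build call is followed by "if errorlevel 1 exit /b 1" so
REM that a failed build never reports "Build finished." and callers such as
REM CI scripts can rely on the exit code. "if errorlevel" is evaluated at
REM run time, so it is safe inside the parenthesised blocks below, unlike a
REM literal ERRORLEVEL expansion.

if "%SPHINXBUILD%" == "" (
    set SPHINXBUILD=sphinx-build
)
set BUILDDIR=_build
set ALLSPHINXOPTS=-d %BUILDDIR%/doctrees %SPHINXOPTS% .
if NOT "%PAPER%" == "" (
    set ALLSPHINXOPTS=-D latex_paper_size=%PAPER% %ALLSPHINXOPTS%
)

REM The help text lives in its own label block at the bottom instead of
REM inside an "if" block, so "goto help" never jumps into the middle of a
REM parenthesised group.
if "%1" == "" goto help
if "%1" == "help" goto help

if "%1" == "clean" (
    REM Remove everything below BUILDDIR, keeping the directory itself.
    REM The directory name is quoted so paths with spaces are handled.
    for /d %%i in (%BUILDDIR%\*) do rmdir /q /s "%%i"
    del /q /s %BUILDDIR%\*
    goto end
)

if "%1" == "html" (
    %SPHINXBUILD% -b html %ALLSPHINXOPTS% %BUILDDIR%/html
    if errorlevel 1 exit /b 1
    echo.
    echo.Build finished. The HTML pages are in %BUILDDIR%/html.
    goto end
)

if "%1" == "dirhtml" (
    %SPHINXBUILD% -b dirhtml %ALLSPHINXOPTS% %BUILDDIR%/dirhtml
    if errorlevel 1 exit /b 1
    echo.
    echo.Build finished. The HTML pages are in %BUILDDIR%/dirhtml.
    goto end
)

if "%1" == "singlehtml" (
    %SPHINXBUILD% -b singlehtml %ALLSPHINXOPTS% %BUILDDIR%/singlehtml
    if errorlevel 1 exit /b 1
    echo.
    echo.Build finished. The HTML pages are in %BUILDDIR%/singlehtml.
    goto end
)

if "%1" == "pickle" (
    %SPHINXBUILD% -b pickle %ALLSPHINXOPTS% %BUILDDIR%/pickle
    if errorlevel 1 exit /b 1
    echo.
    echo.Build finished; now you can process the pickle files.
    goto end
)

if "%1" == "json" (
    %SPHINXBUILD% -b json %ALLSPHINXOPTS% %BUILDDIR%/json
    if errorlevel 1 exit /b 1
    echo.
    echo.Build finished; now you can process the JSON files.
    goto end
)

if "%1" == "htmlhelp" (
    %SPHINXBUILD% -b htmlhelp %ALLSPHINXOPTS% %BUILDDIR%/htmlhelp
    if errorlevel 1 exit /b 1
    echo.
    echo.Build finished; now you can run HTML Help Workshop with the ^
.hhp project file in %BUILDDIR%/htmlhelp.
    goto end
)

if "%1" == "qthelp" (
    %SPHINXBUILD% -b qthelp %ALLSPHINXOPTS% %BUILDDIR%/qthelp
    if errorlevel 1 exit /b 1
    echo.
    echo.Build finished; now you can run "qcollectiongenerator" with the ^
.qhcp project file in %BUILDDIR%/qthelp, like this:
    echo.^> qcollectiongenerator %BUILDDIR%\qthelp\Kallithea.qhcp
    echo.To view the help file:
    REM qcollectiongenerator writes a .qhc collection from the .qhcp input,
    REM so that is the file to hand to assistant.
    echo.^> assistant -collectionFile %BUILDDIR%\qthelp\Kallithea.qhc
    goto end
)

if "%1" == "devhelp" (
    %SPHINXBUILD% -b devhelp %ALLSPHINXOPTS% %BUILDDIR%/devhelp
    if errorlevel 1 exit /b 1
    echo.
    echo.Build finished.
    goto end
)

if "%1" == "epub" (
    %SPHINXBUILD% -b epub %ALLSPHINXOPTS% %BUILDDIR%/epub
    if errorlevel 1 exit /b 1
    echo.
    echo.Build finished. The epub file is in %BUILDDIR%/epub.
    goto end
)

if "%1" == "latex" (
    %SPHINXBUILD% -b latex %ALLSPHINXOPTS% %BUILDDIR%/latex
    if errorlevel 1 exit /b 1
    echo.
    echo.Build finished; the LaTeX files are in %BUILDDIR%/latex.
    goto end
)

if "%1" == "text" (
    %SPHINXBUILD% -b text %ALLSPHINXOPTS% %BUILDDIR%/text
    if errorlevel 1 exit /b 1
    echo.
    echo.Build finished. The text files are in %BUILDDIR%/text.
    goto end
)

if "%1" == "man" (
    %SPHINXBUILD% -b man %ALLSPHINXOPTS% %BUILDDIR%/man
    if errorlevel 1 exit /b 1
    echo.
    echo.Build finished. The manual pages are in %BUILDDIR%/man.
    goto end
)

if "%1" == "changes" (
    %SPHINXBUILD% -b changes %ALLSPHINXOPTS% %BUILDDIR%/changes
    if errorlevel 1 exit /b 1
    echo.
    echo.The overview file is in %BUILDDIR%/changes.
    goto end
)

if "%1" == "linkcheck" (
    %SPHINXBUILD% -b linkcheck %ALLSPHINXOPTS% %BUILDDIR%/linkcheck
    echo.
    echo.Link check complete; look for any errors in the above output ^
or in %BUILDDIR%/linkcheck/output.txt.
    REM The hint above is printed even when links are broken. echo does not
    REM touch ERRORLEVEL, so the status checked here is still sphinx-build's.
    if errorlevel 1 exit /b 1
    goto end
)

if "%1" == "doctest" (
    %SPHINXBUILD% -b doctest %ALLSPHINXOPTS% %BUILDDIR%/doctest
    echo.
    echo.Testing of doctests in the sources finished, look at the ^
results in %BUILDDIR%/doctest/output.txt.
    REM As for linkcheck: print the pointer to the report first, then
    REM propagate a doctest failure through the exit code.
    if errorlevel 1 exit /b 1
    goto end
)

REM No target matched. Previously this fell through to :end and returned
REM success, which hid typos in the target name from callers.
echo.Unknown target: %1 1>&2
echo.Run make.bat without arguments to list the available targets. 1>&2
exit /b 1

:help
echo.Please use `make ^<target^>` where ^<target^> is one of
echo.  html       to make standalone HTML files
echo.  dirhtml    to make HTML files named index.html in directories
echo.  singlehtml to make a single large HTML file
echo.  pickle     to make pickle files
echo.  json       to make JSON files
echo.  htmlhelp   to make HTML files and a HTML help project
echo.  qthelp     to make HTML files and a qthelp project
echo.  devhelp    to make HTML files and a Devhelp project
echo.  epub       to make an epub
echo.  latex      to make LaTeX files, you can set PAPER=a4 or PAPER=letter
echo.  text       to make text files
echo.  man        to make manual pages
echo.  changes    to make an overview over all changed/added/deprecated items
echo.  linkcheck  to check all external links for integrity
echo.  doctest    to run all doctests embedded in the documentation if enabled
goto end

:end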