Files @ ddad3be4dc44

Location: kallithea/scripts/shortlog.py

Thomas De Schampheleire
changeset: fix XSS vulnerability in parent-child navigation

The 'Parent Rev.' - 'Child Rev.' links on changesets and in the file browser
normally immediately jump to the correct revision upon click. But, if there
are multiple candidates, e.g. two children of a commit, then a list of
revisions is shown as hyperlinks instead.

These hyperlinks have a 'title' attribute containing the full commit message
of the corresponding commit. When this commit message contains characters
special to HTML, like ", >, etc., they were added literally to the HTML code.

This can lead to a cross-site scripting (XSS) vulnerability when an attacker
has write access to a repository. They could craft a special commit message
that would introduce HTML and/or JavaScript code when the commit is listed
in such 'parent-child' navigation links.

Escape the commit message before using it further.
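The escaping the commit message calls for, shown as an added example rather than Kallithea's own link-rendering code (the real template helpers are not on this page): a minimal parent/child revision link rendered once with the message interpolated verbatim and once through Python's html.escape, plus a check that reads the title attribute the way an HTML tokenizer does (up to the next double quote). Function names and the sample commit message are assumptions made here.

```python
from html import escape, unescape
import re

# Constructed sample commit message containing characters that are special
# inside an HTML attribute value: double quotes and angle brackets.
SAMPLE_MESSAGE = 'Fix "parent" link rendering <see #42>'


def rev_link_unescaped(rev_id, message):
    """Pre-fix shape: the commit message is interpolated verbatim into the
    title attribute, so the first double quote in the message terminates
    the attribute and the remainder is read as markup."""
    return '<a href="/changeset/%s" title="%s">%s</a>' % (rev_id, message, rev_id)


def rev_link_escaped(rev_id, message):
    """Fixed shape: escape &, <, >, " and ' before interpolation, so the
    whole message stays attribute text regardless of its content."""
    safe_rev = escape(rev_id, quote=True)
    return '<a href="/changeset/%s" title="%s">%s</a>' % (
        safe_rev, escape(message, quote=True), safe_rev)


def title_attribute(fragment):
    """Return the title attribute value as a tokenizer sees it: everything
    up to the next double quote, entity-decoded. None if no title found."""
    m = re.search(r'title="([^"]*)"', fragment)
    return unescape(m.group(1)) if m else None


def title_round_trips(fragment, message):
    """True when the rendered link carries the complete message as its
    title, i.e. nothing in the message escaped the attribute context."""
    return title_attribute(fragment) == message


if __name__ == '__main__':
    for render in (rev_link_unescaped, rev_link_escaped):
        fragment = render('ddad3be4dc44', SAMPLE_MESSAGE)
        print('%-18s intact=%s  %s' % (
            render.__name__, title_round_trips(fragment, SAMPLE_MESSAGE), fragment))
```

The unescaped variant yields a title of just 'Fix ' with the rest of the message spilling into tag context; the escaped variant round-trips the full message.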
#!/usr/bin/env python2
# -*- coding: utf-8 -*-

"""
Kallithea script for generating a quick overview of contributors and their
commit counts in a given revision set.
"""
import argparse
import os
from collections import Counter
import contributor_data

def main():

    parser = argparse.ArgumentParser(description='Generate a list of committers and commit counts.')
    parser.add_argument('revset',
                        help='revision set specifying the commits to count')
    args = parser.parse_args()

    # The revset is interpolated into a shell command line, so it must come
    # from a trusted operator on the command line, not from untrusted input.
    hg_log = os.popen("""hg log -r '%s' -T '{author}\n'""" % args.revset)

    # Normalise each author line: apply the contributor_data.name_fixes
    # mapping (first on the full "Name <email>" string, then on the bare
    # name), and finally drop the trailing "<email>" part.
    repo_entries = [
        (contributor_data.name_fixes.get(name)
         or contributor_data.name_fixes.get(name.rsplit('<', 1)[0].strip())
         or name).rsplit('<', 1)[0].strip()
        for name in (line.strip() for line in hg_log.readlines())
        ]

    counter = Counter(repo_entries)
    for name, count in counter.most_common():
        if name == '':
            continue
        print('%4s %s' % (count, name))


if __name__ == '__main__':
    main()