
0001-SECURITY-Fix-message-escaping-in-SecurePollLogPager.patch

Authored By
Legoktm
Aug 20 2021, 11:42 PM

0001-SECURITY-Fix-message-escaping-in-SecurePollLogPager.patch

From b3566711ed037c52558829d2e0e6949293f2934b Mon Sep 17 00:00:00 2001
From: Kunal Mehta <legoktm@debian.org>
Date: Fri, 20 Aug 2021 16:41:18 -0700
Subject: [PATCH] SECURITY: Fix message escaping in SecurePollLogPager
Bug: T289385
Change-Id: I4f04083cd00884d3b85245460774c81c7639a578
---
includes/SecurePollLogPager.php | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/includes/SecurePollLogPager.php b/includes/SecurePollLogPager.php
index 6105767..2e32916 100644
--- a/includes/SecurePollLogPager.php
+++ b/includes/SecurePollLogPager.php
@@ -149,6 +149,7 @@ class SecurePollLogPager extends ReverseChronologicalPager {
$userLink = Linker::userLink( $user->getId(), $user->getName() );
$election = $this->context->getElection( $row->spl_election_id );
+ // TODO: this is double escaped
$electionTitle = htmlspecialchars( $election->title );
$messageParams = [
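Review bot: The `htmlspecialchars()` call on `$electionTitle` stays in place under the new TODO, so once the `<li>` is built with `Html::element` (second hunk) a title containing `&` or `<` is displayed as `&amp;` or `&lt;`. That output is safe but incorrect. If `$electionTitle` is only used as a parameter of this message (the array contents and the rest of the method are outside the hunk), the line can become `$electionTitle = $election->title;` and the TODO can be dropped. Because `->text()` still runs message transforms such as `{{PLURAL:}}`, it may also be worth passing the title via `plaintextParams()` so braces in a user-supplied title are not interpreted.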
@@ -167,7 +168,7 @@ class SecurePollLogPager extends ReverseChronologicalPager {
$messageParams
)->text();
- return HTML::rawElement( 'li', [], $message );
+ return Html::element( 'li', [], $message );
}
/**
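Review bot: `Html::element` escapes its entire content, and `$userLink` from `Linker::userLink()` (first hunk) is HTML, so if it is one of the `$messageParams` the log row will now show the anchor markup as literal text rather than a link. The message construction begins outside this hunk, so this is inferred from the visible lines. An alternative that keeps the link and still escapes everything else is to pass the link with `rawParams( $userLink )`, leave the title and other values as ordinary parameters, end the chain with `->escaped()`, and keep `Html::rawElement( 'li', [], $message )`. A regression test with an election title containing `<` and `&` would confirm the row is escaped exactly once.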
@@ -188,6 +189,6 @@ class SecurePollLogPager extends ReverseChronologicalPager {
* @inheritDoc
*/
public function getEmptyBody() {
- return HTML::rawElement( 'p', [], $this->msg( 'securepoll-log-empty' )->text() );
+ return Html::element( 'p', [], $this->msg( 'securepoll-log-empty' )->text() );
}
}
--
2.31.1
