# Description: fix multiple XSS vulnerabilities in action/AttachFile.py
# Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526594
# Patch: http://hg.moinmo.in/moin/1.8/rev/5f51246a4df1
# Patch: http://hg.moinmo.in/moin/1.8/rev/269a1fbc3ed7
diff -Nur moin-1.7.1/MoinMoin/action/AttachFile.py moin-1.7.1.new/MoinMoin/action/AttachFile.py
8
--- moin-1.7.1/MoinMoin/action/AttachFile.py 2009-05-08 14:10:19.000000000 -0400
9
+++ moin-1.7.1.new/MoinMoin/action/AttachFile.py 2009-05-08 14:10:35.000000000 -0400
13
def error_msg(pagename, request, msg):
14
+ msg = wikiutil.escape(msg)
15
request.theme.add_msg(msg, "error")
16
Page(request, pagename).send_page()
20
msg = handler(pagename, request)
22
- msg = _('Unsupported AttachFile sub-action: %s') % (wikiutil.escape(do[0]), )
23
+ msg = _('Unsupported AttachFile sub-action: %s') % do[0]
25
error_msg(pagename, request, msg)
30
def upload_form(pagename, request, msg=''):
32
+ msg = wikiutil.escape(msg)
35
request.emit_http_headers()
37
'baseurl': request.getScriptname(),
38
'do': 'attachment_move',
39
'ticket': wikiutil.createTicket(request),
40
- 'pagename': pagename,
41
+ 'pagename': wikiutil.escape(pagename, 1),
42
'pagename_quoted': wikiutil.quoteWikinameURL(pagename),
43
- 'attachment_name': filename,
44
+ 'attachment_name': wikiutil.escape(filename, 1),
46
'cancel': _('Cancel'),
47
'newname_label': _("New page name"),
50
if package.isPackage():
51
if package.installPackage():
52
- msg = _("Attachment '%(filename)s' installed.") % {'filename': wikiutil.escape(target)}
53
+ msg = _("Attachment '%(filename)s' installed.") % {'filename': target}
55
- msg = _("Installation of '%(filename)s' failed.") % {'filename': wikiutil.escape(target)}
56
+ msg = _("Installation of '%(filename)s' failed.") % {'filename': target}
58
- msg += "<br><pre>%s</pre>" % wikiutil.escape(package.msg)
59
+ msg += " " + package.msg
61
- msg = _('The file %s is not a MoinMoin package file.') % wikiutil.escape(target)
62
+ msg = _('The file %s is not a MoinMoin package file.') % target
64
upload_form(pagename, request, msg=msg)
67
logging.exception("An exception within zip file attachment handling occurred:")
68
msg = _("A severe error occurred:") + ' ' + str(err)
70
- upload_form(pagename, request, msg=wikiutil.escape(msg))
71
+ upload_form(pagename, request, msg=msg)
74
def send_viewfile(pagename, request):
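Review bot: The new `upload_form(pagename, request, msg=msg)` call relies on `upload_form` escaping unconditionally, which is the right sink-side fix, but it is only safe if no remaining caller still passes pre-escaped text or deliberate markup — the visible hunks convert the callers in this region (the former `"<br><pre>%s</pre>"` case is flattened to plain text), yet any caller outside these hunks that still wraps its argument in `wikiutil.escape(...)` will now render double-escaped entities, so the rest of the file should be checked for `wikiutil.escape(` calls feeding `msg`. Separately, `msg = _("A severe error occurred:") + ' ' + str(err)` still surfaces the raw exception text to the browser; since `logging.exception(...)` already records the full traceback, a fixed user-facing message such as `msg = _("A severe error occurred:") + ' ' + _("see the server log for details")` would avoid leaking paths or internal state without losing diagnostic information. The enclosing `except` handler and its function start outside this hunk, so this applies only as far as the visible lines show.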