#6134: Paginator helper has XSS problem
---------------------------+------------------------------------------------
     Reporter:  ichikaway  |        Owner:
         Type:  Bug        |       Status:  new
     Priority:  High       |    Milestone:  1.2.x.x
    Component:  Helpers    |      Version:  1.2 Final
     Severity:  Major      |   Resolution:
     Keywords:             |  Php_version:  n/a
 Cake_version:  1.2.1.8004 |
---------------------------+------------------------------------------------
Comment (by zackenbarsch):
In order for this problem to be reproduced there must be at least 2 pages, and you have to target a page which must not be the last one 'cause otherwise the '''>= $pageCount''' condition would apply! Also the test case must use assertIdentical because of PHP's type conversion behaviour.

Updated test case:

{{{
#!php
// Request value for "page" that carries HTML attribute markup (the ticket's payload).
$Controller->passedArgs = array('page' => '1 " onclick="alert(\'xss\');">');
// One record per page so that more than one page exists and page 1 is not the last one.
$Controller->paginate = array('limit' => 1);
$Controller->paginate('ControllerPost');
// assertIdentical (===) is required: a loose == comparison would coerce the
// tainted string to 1 and the test would pass against the unsanitised value.
$this->assertIdentical($Controller->params['paging']['ControllerPost']['page'], 1, 'XSS exploit opened %s');
}}}

Regards
Frank

-- 
Ticket URL: <https://trac.cakephp.org/ticket/6134#comment:4>
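A stand-alone illustration of the point made in this comment, added here and not part of the ticket or of CakePHP's own code: a minimal stand-in for the page-number handling, showing why the tainted value survives when the targeted page is below the last one, why the check needs a strict comparison, and the fix (cast before compare). It assumes plain PHP 7+ with no framework; the function names and the constructed inputs are hypothetical.

```php
<?php
// Added example, not CakePHP's code. Mimics the behaviour the ticket
// describes and contrasts it with a hardened version.

/** As reported: the raw request value is kept unless it is at or past
 *  the last page, so a string that numerically reads as a lower page
 *  passes through untouched and reaches the view. */
function pageAsReported($rawPage, int $pageCount)
{
    if ($rawPage >= $pageCount) {   // compares numerically on the leading "1"
        return $pageCount;
    }
    return $rawPage;                // unsanitised string, markup and all
}

/** Hardened: coerce to int first, then clamp to [1, $pageCount]. */
function pageNormalised($rawPage, int $pageCount): int
{
    $page = (int) $rawPage;         // '1 " onclick="..."' becomes 1
    if ($page < 1) {
        return 1;
    }
    return min($page, $pageCount);
}

function check(string $label, bool $ok): void
{
    echo ($ok ? 'ok   ' : 'FAIL ') . $label . PHP_EOL;
}

// Constructed inputs: the ticket's payload and a two-page result set.
$payload   = '1 " onclick="alert(\'xss\');">';
$pageCount = 2;

$reported = pageAsReported($payload, $pageCount);
$safe     = pageNormalised($payload, $pageCount);

// Under the loose comparison rules of PHP 7 and earlier the tainted string
// still == 1 because of its leading numeric prefix, so only === exposes it.
check('reported value is not identical to int 1', $reported !== 1);
check('reported value still contains markup', strpos($reported, '"') !== false);
check('normalised value is identical to int 1', $safe === 1);
check('normalised value is clamped to last page', pageNormalised('99', $pageCount) === 2);
check('normalised value never drops below page 1', pageNormalised('-5', $pageCount) === 1);
```

Run with `php example.php`; the first check is the one the reporter's assertIdentical performs, and it would be hidden by a loose comparison on PHP 7 and earlier.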