From d35834c0e78338db8069dac02a620cb757263999 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Mon, 1 Apr 2019 23:08:57 +0200
Subject: [PATCH] Fix a bunch of dom-based xss

This should close #633
---
 .../main/webapp/WEB-INF/jsp/artistMain.jsp | 10 ++++----
 .../src/main/webapp/WEB-INF/jsp/playQueue.jsp | 24 +++++++++----------
 .../src/main/webapp/WEB-INF/jsp/playlist.jsp | 14 +++++------
 .../webapp/WEB-INF/jsp/videoPlayerCast.jsp | 10 ++++----
 4 files changed, 29 insertions(+), 29 deletions(-)

diff --git a/airsonic-main/src/main/webapp/WEB-INF/jsp/artistMain.jsp b/airsonic-main/src/main/webapp/WEB-INF/jsp/artistMain.jsp
index 03e1f3d8..bc6a5979 100644
--- a/airsonic-main/src/main/webapp/WEB-INF/jsp/artistMain.jsp
+++ b/airsonic-main/src/main/webapp/WEB-INF/jsp/artistMain.jsp
@@ -97,15 +97,15 @@
 } else {
 $("#starSong" + id).attr("src", "");
 }
- $("#rank" + id).html(i + 1);
- $("#title" + id).html(song.title);
+ $("#rank" + id).text(i + 1);
+ $("#title" + id).text(song.title);
 $("#title" + id).attr("title", song.title);
- $("#album" + id).html(song.album);
+ $("#album" + id).text(song.album);
 $("#album" + id).attr("title", song.album);
 $("#albumUrl" + id).attr("href", "main.view?id=" + song.id);
- $("#artist" + id).html(song.artist);
+ $("#artist" + id).text(song.artist);
 $("#artist" + id).attr("title", song.artist);
- $("#songDuration" + id).html(song.durationAsString);
+ $("#songDuration" + id).text(song.durationAsString);
 // Note: show() method causes page to scroll to top.
 $("#pattern" + id).css("display", "table-row");
diff --git a/airsonic-main/src/main/webapp/WEB-INF/jsp/playQueue.jsp b/airsonic-main/src/main/webapp/WEB-INF/jsp/playQueue.jsp
index 36b5a8fd..59108a59 100644
--- a/airsonic-main/src/main/webapp/WEB-INF/jsp/playQueue.jsp
+++ b/airsonic-main/src/main/webapp/WEB-INF/jsp/playQueue.jsp
@@ -429,7 +429,7 @@
 }
 if (songs.length == 0) {
- $("#songCountAndDuration").html("");
+ $("#songCountAndDuration").text("");
 $("#empty").show();
 } else {
 $("#songCountAndDuration").html(songs.length + " – " + playQueue.durationAsString);
@@ -447,7 +447,7 @@
 var id = i + 1;
 dwr.util.cloneNode("pattern", { idSuffix:id });
 if ($("#trackNumber" + id)) {
- $("#trackNumber" + id).html(song.trackNumber);
+ $("#trackNumber" + id).text(song.trackNumber);
 }
 if (song.starred) {
 $("#starSong" + id).attr("src", "");
@@ -461,40 +461,40 @@
 }
 }
 if ($("#title" + id)) {
- $("#title" + id).html(song.title);
+ $("#title" + id).text(song.title);
 $("#title" + id).attr("title", song.title);
 }
 if ($("#titleUrl" + id)) {
- $("#titleUrl" + id).html(song.title);
+ $("#titleUrl" + id).text(song.title);
 $("#titleUrl" + id).attr("title", song.title);
 $("#titleUrl" + id).click(function () {onSkip(this.id.substring(8) - 1)});
 }
 if ($("#album" + id)) {
- $("#album" + id).html(song.album);
+ $("#album" + id).text(song.album);
 $("#album" + id).attr("title", song.album);
 $("#albumUrl" + id).attr("href", song.albumUrl);
 }
 if ($("#artist" + id)) {
- $("#artist" + id).html(song.artist);
+ $("#artist" + id).text(song.artist);
 $("#artist" + id).attr("title", song.artist);
 }
 if ($("#genre" + id)) {
- $("#genre" + id).html(song.genre);
+ $("#genre" + id).text(song.genre);
 }
 if ($("#year" + id)) {
- $("#year" + id).html(song.year);
+ $("#year" + id).text(song.year);
 }
 if ($("#bitRate" + id)) {
- $("#bitRate" + id).html(song.bitRate);
+ $("#bitRate" + id).text(song.bitRate);
 }
 if ($("#duration" + id)) {
- $("#duration" + id).html(song.durationAsString);
+ $("#duration" + id).text(song.durationAsString);
 }
 if ($("#format" + id)) {
- $("#format" + id).html(song.format);
+ $("#format" + id).text(song.format);
 }
 if ($("#fileSize" + id)) {
- $("#fileSize" + id).html(song.fileSize);
+ $("#fileSize" + id).text(song.fileSize);
 }
 $("#pattern" + id).addClass((i % 2 == 0) ? "bgcolor1" : "bgcolor2");
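Review bot: The else branch on the last context line of the first hunk still writes `songs.length + " – " + playQueue.durationAsString` with `.html()`, while the empty-queue branch directly above it was switched to `.text("")`; for consistency, and so nobody has to prove `durationAsString` is safe, use `$("#songCountAndDuration").text(songs.length + " – " + playQueue.durationAsString);`. If the separator is written as an HTML entity in the source (which would explain why `.html()` was kept), write it as the literal character or `"\u2013"` instead. The same leftover appears in playlist.jsp at `$("#shared").html("")`, harmless with an empty literal, but the argument shown on this page may be a server-side expression that the rendering stripped. The enclosing function starts and ends outside the hunk.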
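Review bot: The switch to `.text()` in the third hunk covers element content only, and the hunk leaves `$("#albumUrl" + id).attr("href", song.albumUrl)` untouched; `.text()` does nothing for attribute sinks, so that line is safe only if `albumUrl` is assembled server-side rather than taken from metadata, which cannot be seen here and is worth confirming. Nothing in the new lines records why `.text()` is required; a one-line comment such as `// Song metadata is untrusted input (#633): render it with .text(), never .html()` above the first assignment would keep a later edit from regressing, and the same applies to the hunks in artistMain.jsp and playlist.jsp. The `if ($("#title" + id))` guards are pre-existing, but a jQuery object is always truthy, so they never skip anything; `.length` is presumably the intended check. The enclosing loop body starts and ends outside the hunk.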
diff --git a/airsonic-main/src/main/webapp/WEB-INF/jsp/playlist.jsp b/airsonic-main/src/main/webapp/WEB-INF/jsp/playlist.jsp
index 21fd1225..65d92795 100644
--- a/airsonic-main/src/main/webapp/WEB-INF/jsp/playlist.jsp
+++ b/airsonic-main/src/main/webapp/WEB-INF/jsp/playlist.jsp
@@ -86,8 +86,8 @@
 $("#empty").hide();
 }
- $("#songCount").html(playlist.fileCount);
- $("#duration").html(playlist.durationAsString);
+ $("#songCount").text(playlist.fileCount);
+ $("#duration").text(playlist.durationAsString);
 if (playlist.shared) {
 $("#shared").html("");
@@ -113,15 +113,15 @@
 if (!song.present) {
 $("#missing" + id).show();
 }
- $("#index" + id).html(id);
- $("#title" + id).html(song.title);
+ $("#index" + id).text(id);
+ $("#title" + id).text(song.title);
 $("#title" + id).attr("title", song.title);
- $("#album" + id).html(song.album);
+ $("#album" + id).text(song.album);
 $("#album" + id).attr("title", song.album);
 $("#albumUrl" + id).attr("href", "main.view?id=" + song.id);
- $("#artist" + id).html(song.artist);
+ $("#artist" + id).text(song.artist);
 $("#artist" + id).attr("title", song.artist);
- $("#songDuration" + id).html(song.durationAsString);
+ $("#songDuration" + id).text(song.durationAsString);
 // Note: show() method causes page to scroll to top.
 $("#pattern" + id).css("display", "table-row");
diff --git a/airsonic-main/src/main/webapp/WEB-INF/jsp/videoPlayerCast.jsp b/airsonic-main/src/main/webapp/WEB-INF/jsp/videoPlayerCast.jsp
index 2ff87593..2f0ba83a 100644
--- a/airsonic-main/src/main/webapp/WEB-INF/jsp/videoPlayerCast.jsp
+++ b/airsonic-main/src/main/webapp/WEB-INF/jsp/videoPlayerCast.jsp
@@ -602,11 +602,11 @@
 };
 CastPlayer.prototype.updateDebug = function () {
- var debug = "
currentMediaOffset: " + this.currentMediaOffset + "
" - + "currentMediaTime: " + this.currentMediaTime + "
" - + "localPlayerState: " + this.localPlayerState + "
" + var debug = "\n" + this.currentMediaOffset + "\n" + + "currentMediaTime: " + this.currentMediaTime + "\n" + + "localPlayerState: " + this.localPlayerState + "\n" + "castPlayerState: " + this.castPlayerState; - $("#debug").html(debug); + $("#debug").text(debug); }; /** @@ -692,4 +692,4 @@ window.CastPlayer = CastPlayer; })(); - \ No newline at end of file +
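Review bot: `$("#debug").text(debug)` inserts the `\n` separators as ordinary whitespace, so unless `#debug` is styled `white-space: pre` or `pre-line` the readout collapses onto one line, whereas the removed version appears to have used markup line breaks (the page breaks exactly where they stood); `$("#debug").css("white-space", "pre-line").text(debug);` keeps the fix and the layout. As rendered here the first added line reads `"\n" + this.currentMediaOffset + "\n"` with no `currentMediaOffset: ` label, while the removed line had one; if that is not an artifact of this rendering, restore the label. The `@@ -692` hunk is only the trailing-newline fix and needs nothing.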