mirror of
https://github.com/librenms/librenms.git
synced 2024-10-07 16:52:45 +00:00
Fix potential xss in edit alert transport (#16445)
Would need to be in php code, so not user editable
This commit is contained in:
Tony Murray
GitHub
@@ -44,7 +44,7 @@ if (Auth::user()->hasGlobalAdmin()) {
|
|||||||
// Create list of transport
|
// Create list of transport
|
||||||
$transports_list = Transport::list();
|
$transports_list = Transport::list();
|
||||||
foreach ($transports_list as $transport => $name) {
|
foreach ($transports_list as $transport => $name) {
|
||||||
echo '<option value="' . $transport . '-form">' . $name . '</option>';
|
echo '<option value="' . htmlentities($transport) . '-form">' . htmlentities($name) . '</option>';
|
||||||
} ?>
|
} ?>
|
||||||
</select>
|
</select>
|
||||||
</div>
|
</div>
|
||||||
@@ -67,19 +67,19 @@ if (Auth::user()->hasGlobalAdmin()) {
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
echo '<form method="post" role="form" id="' . $transport . '-form" class="form-horizontal transport">';
|
echo '<form method="post" role="form" id="' . htmlentities($transport) . '-form" class="form-horizontal transport">';
|
||||||
echo csrf_field();
|
echo csrf_field();
|
||||||
echo '<input type="hidden" name="transport-type" value="' . $transport . '">';
|
echo '<input type="hidden" name="transport-type" value="' . htmlentities($transport) . '">';
|
||||||
|
|
||||||
$tmp = call_user_func($class . '::configTemplate');
|
$tmp = call_user_func($class . '::configTemplate');
|
||||||
|
|
||||||
foreach ($tmp['config'] as $item) {
|
foreach ($tmp['config'] as $item) {
|
||||||
if ($item['type'] !== 'hidden') {
|
if ($item['type'] !== 'hidden') {
|
||||||
echo '<div class="form-group" title="' . $item['descr'] . '">';
|
echo '<div class="form-group" title="' . htmlentities($item['descr']) . '">';
|
||||||
echo '<label for="' . $item['name'] . '" class="col-sm-3 col-md-2 control-label">' . $item['title'] . ': </label>';
|
echo '<label for="' . htmlentities($item['name']) . '" class="col-sm-3 col-md-2 control-label">' . htmlentities($item['title']) . ': </label>';
|
||||||
if ($item['type'] == 'text' || $item['type'] == 'password') {
|
if ($item['type'] == 'text' || $item['type'] == 'password') {
|
||||||
echo '<div class="col-sm-9 col-md-10">';
|
echo '<div class="col-sm-9 col-md-10">';
|
||||||
echo '<input type="' . $item['type'] . '" id="' . $item['name'] . '" name="' . $item['name'] . '" class="form-control" ';
|
echo '<input type="' . htmlentities($item['type']) . '" id="' . htmlentities($item['name']) . '" name="' . htmlentities($item['name']) . '" class="form-control" ';
|
||||||
if ($item['required']) {
|
if ($item['required']) {
|
||||||
echo 'required>';
|
echo 'required>';
|
||||||
} else {
|
} else {
|
||||||
@@ -88,33 +88,33 @@ if (Auth::user()->hasGlobalAdmin()) {
|
|||||||
echo '</div>';
|
echo '</div>';
|
||||||
} elseif ($item['type'] == 'checkbox') {
|
} elseif ($item['type'] == 'checkbox') {
|
||||||
echo '<div class="col-sm-2">';
|
echo '<div class="col-sm-2">';
|
||||||
echo '<input type="checkbox" name="' . $item['name'] . '" id="' . $item['name'] . '">';
|
echo '<input type="checkbox" name="' . htmlentities($item['name']) . '" id="' . htmlentities($item['name']) . '">';
|
||||||
echo '</div>';
|
echo '</div>';
|
||||||
$switches[$item['name']] = $item['default'];
|
$switches[$item['name']] = htmlentities($item['default']);
|
||||||
} elseif ($item['type'] == 'select') {
|
} elseif ($item['type'] == 'select') {
|
||||||
echo '<div class="col-sm-3">';
|
echo '<div class="col-sm-3">';
|
||||||
echo '<select name="' . $item['name'] . '" id="' . $item['name'] . '" class="form-control">';
|
echo '<select name="' . htmlentities($item['name']) . '" id="' . htmlentities($item['name']) . '" class="form-control">';
|
||||||
foreach ($item['options'] as $descr => $opt) {
|
foreach ($item['options'] as $descr => $opt) {
|
||||||
echo '<option value="' . $opt . '">' . $descr . '</option>';
|
echo '<option value="' . htmlentities($opt) . '">' . htmlentities($descr). '</option>';
|
||||||
}
|
}
|
||||||
echo '</select>';
|
echo '</select>';
|
||||||
echo '</div>';
|
echo '</div>';
|
||||||
} elseif ($item['type'] === 'textarea') {
|
} elseif ($item['type'] === 'textarea') {
|
||||||
echo '<div class="col-sm-9 col-md-10">';
|
echo '<div class="col-sm-9 col-md-10">';
|
||||||
echo '<textarea name="' . $item['name'] . '" id="' . $item['name'] . '" class="form-control" placeholder="' . $item['descr'] . '">';
|
echo '<textarea name="' . htmlentities($item['name']) . '" id="' . htmlentities($item['name']) . '" class="form-control" placeholder="' . htmlentities($item['descr']) . '">';
|
||||||
echo '</textarea>';
|
echo '</textarea>';
|
||||||
echo '</div>';
|
echo '</div>';
|
||||||
} elseif ($item['type'] === 'oauth') {
|
} elseif ($item['type'] === 'oauth') {
|
||||||
$class = isset($item['class']) ? $item['class'] : 'btn-success';
|
$class = $item['class'] ?? 'btn-success';
|
||||||
$callback = urlencode(url()->current() . '/?oauthtransport=' . $transport);
|
$callback = urlencode(url()->current() . '/?oauthtransport=' . $transport);
|
||||||
$url = $item['url'] . $callback;
|
$url = $item['url'] . $callback;
|
||||||
|
|
||||||
echo '<a class="btn btn-oauth ' . $class . '"';
|
echo '<a class="btn btn-oauth ' . htmlentities($class) . '"';
|
||||||
echo '" href="' . $url . '" data-base-url="' . $url . '">';
|
echo '" href="' . htmlentities($url) . '" data-base-url="' . htmlentities($url) . '">';
|
||||||
if (isset($item['icon'])) {
|
if (isset($item['icon'])) {
|
||||||
echo '<img src="' . asset('images/transports/' . $item['icon']) . '" width="24" height="24"> ';
|
echo '<img src="' . asset('images/transports/' . $item['icon']) . '" width="24" height="24"> ';
|
||||||
}
|
}
|
||||||
echo $item['descr'];
|
echo htmlentities($item['descr']);
|
||||||
echo '</a>';
|
echo '</a>';
|
||||||
}
|
}
|
||||||
echo '</div>';
|
echo '</div>';
|
||||||
|
|||||||
Reference in New Issue
Block a user