[SECURITY] Link fields accept Javascript code when using URI Data Scheme 70/49070/2
author Valentin Despa <valentin.despa@aoe.com>
Tue, 19 Jul 2016 10:16:43 +0000 (12:16 +0200)
committer Oliver Hader <oliver.hader@typo3.org>
Tue, 19 Jul 2016 10:16:47 +0000 (12:16 +0200)
commit 257538a490ad01d0ee7fbbf9c23886530636526d
tree 668e290388c9c72089f4e173100e55809b35a8c0
parent 7471988ae4739c48961b3d334727c192b6b59f59
[SECURITY] Link fields accept Javascript code when using URI Data Scheme

JavaScript can be submitted for every link field and will be
rendered in the frontend passed through typolink. To circumvent that,
the URI scheme and prefix "data:" will be disallowed.

Resolves: #76358
Releases: master,7.6,6.2
Security-Commit: 872e3e0dd290c61b3ec43c43531c1b2e60ee6e2d
Security-Bulletins: TYPO3-CORE-SA-2016-014, 015, 016, 017, 018
Change-Id: Ia66178567bf7b64cc70c1c2994f442b13bcd62cd
Reviewed-on: https://review.typo3.org/49070
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
typo3/sysext/frontend/Classes/ContentObject/ContentObjectRenderer.php
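
The check the commit message describes, sketched as an added example; this is not the TYPO3 patch or any TYPO3 API. The function names, the sample values and the extra `javascript` entry in the deny list are assumptions made for illustration; the commit itself names only `data:`.

```php
<?php
declare(strict_types=1);

// Hypothetical deny list. "data" is the scheme named in the commit message;
// "javascript" is an assumption added for this example.
const DENIED_SCHEMES = ['data', 'javascript'];

/**
 * Returns the lower-cased URI scheme of a link-field value, or null when the
 * value has no scheme (page id, relative path, ...).
 */
function linkSchemeOf(string $value): ?string
{
    // Browsers drop leading control characters/spaces and embedded tabs and
    // newlines before parsing a URL. Conservatively remove every C0 control
    // character and space so such variants resolve to the same scheme.
    $normalized = (string) preg_replace('/[\x00-\x20]+/', '', $value);
    if (preg_match('/^([a-z][a-z0-9+.\-]*):/i', $normalized, $m) === 1) {
        return strtolower($m[1]);
    }
    return null;
}

/** True when the value may be rendered as a link target. */
function isRenderableLink(string $value): bool
{
    $scheme = linkSchemeOf($value);
    return $scheme === null || !in_array($scheme, DENIED_SCHEMES, true);
}

// Constructed sample values => expected decision.
$samples = [
    'https://example.org/'         => true,
    'mailto:editor@example.org'    => true,
    '42'                           => true,   // plain page id, no scheme
    'data:text/html,<p>x</p>'      => false,
    ' DaTa:text/html;base64,AAAA'  => false,  // leading space, mixed case
    "da\tta:text/plain,x"          => false,  // tab inside the scheme
];
foreach ($samples as $value => $expected) {
    $value = (string) $value; // numeric array keys arrive as int
    $actual = isRenderableLink($value);
    printf("%-36s %s\n", json_encode($value), $actual ? 'render' : 'reject');
    if ($actual !== $expected) {
        throw new RuntimeException('unexpected decision for ' . json_encode($value));
    }
}
```

A deny list like this only covers the schemes it names; where the set of legitimate link types is known, an allow list of schemes is the stricter variant of the same check.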