[SECURITY] t3lib_div::quoteJSvalue allows XSS
author: Helmut Hummel <helmut.hummel@typo3.org>
Wed, 15 Aug 2012 10:20:47 +0000 (12:20 +0200)
committer: Oliver Hader <oliver.hader@typo3.org>
Wed, 15 Aug 2012 10:20:51 +0000 (12:20 +0200)
commit: 51fe9e0fc3a15362c9fec9fdd68ca69d4ba3b5fc
tree: 13bd55b341b993b6b357b15da1f7d0a44bea6cab
parent: bf01ec8d4c3a0b11108cee1465fe670c313fc924
[SECURITY] t3lib_div::quoteJSvalue allows XSS

When t3lib_div::quoteJSvalue() was used with the second
parameter set to TRUE, closing HTML script tags were
not escaped correctly.

Now every character except harmless ones is encoded
to a hex representation.

Change-Id: I4ce17c924458bc4db659b2d37e7932cc9b0c340d
Releases: 6.0, 4.7, 4.6, 4.5
Fixes: #23226
Security-Commit: ee1778ab0c7b4525dbabab4fcb94eb112b767e69
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13765
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
t3lib/class.t3lib_div.php
t3lib/codec/class.t3lib_codec_javascriptencoder.php [new file with mode: 0644]
t3lib/core_autoload.php
tests/Unit/t3lib/class.t3lib_divTest.php
tests/Unit/t3lib/codec/t3lib_codec_javascriptencoderTest.php [new file with mode: 0644]
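As an added illustration of the change the message describes (example code written for this page, not the PHP encoder this commit adds to TYPO3), here is the pre-fix style of quoting beside a hex-encoding quoter, in JavaScript since that is the language of the literal being produced. The immune set `[A-Za-z0-9,._]` and the sample input are assumptions of this example.

```javascript
// Added example, not TYPO3's own code: contrast quoting that escapes only
// quotes and backslashes with the approach the commit describes, where every
// character outside a small immune set is emitted as a hex escape.
// Assumed immune set: [A-Za-z0-9,._].

function hex(code, width) {
  return code.toString(16).toUpperCase().padStart(width, "0");
}

// Pre-fix style: a valid JS string literal, but "</script>" survives verbatim.
// The HTML parser ends the script element there before the JS engine ever
// sees the literal, so the rest of the value is parsed as markup.
function quoteNaive(value) {
  const s = String(value).replace(/\\/g, "\\\\").replace(/'/g, "\\'");
  return "'" + s + "'";
}

// Fixed style: keep immune characters, encode everything else as \xHH
// (code units below 0x100) or \uHHHH (all other UTF-16 code units,
// surrogates included, so astral characters round-trip as pairs).
function encodeJsString(value) {
  const s = String(value);
  let out = "";
  for (let i = 0; i < s.length; i++) {
    const ch = s[i];
    const code = s.charCodeAt(i);
    if (/^[A-Za-z0-9,._]$/.test(ch)) out += ch;
    else if (code < 0x100) out += "\\x" + hex(code, 2);
    else out += "\\u" + hex(code, 4);
  }
  return out;
}

function quoteJsValue(value) {
  return "'" + encodeJsString(value) + "'";
}

// Defender's check: would the HTML parser see an end-of-script sequence?
function closesScriptElement(literal) {
  return /<\/script/i.test(literal);
}

// Reverse the escapes (what the JS engine does when it reads the literal),
// used to confirm the encoding is lossless.
function decodeJsEscapes(encoded) {
  return encoded.replace(/\\x([0-9A-Fa-f]{2})|\\u([0-9A-Fa-f]{4})/g,
    (_, x, u) => String.fromCharCode(parseInt(x || u, 16)));
}

const sample = "</script><b>injected markup</b>"; // constructed test input
console.log(quoteNaive(sample));   // closing tag intact: breaks out of <script>
console.log(quoteJsValue(sample)); // '\x3C\x2Fscript\x3E...': stays a string
```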