[SECURITY] Link fields accept Javascript code when using URI Data Scheme 82/49082/2
author Valentin Despa <valentin.despa@aoe.com>
Tue, 19 Jul 2016 10:18:09 +0000 (12:18 +0200)
committer Oliver Hader <oliver.hader@typo3.org>
Tue, 19 Jul 2016 10:18:13 +0000 (12:18 +0200)
commit d7f338b69bd74dde59e39d5d70360a44b8d7b7c4
tree f95fdd978be78570d87a4165e404cfbffe813d01
parent 93ce286759a7afe01dee53b69165ba8f0a674cf7
[SECURITY] Link fields accept Javascript code when using URI Data Scheme

JavaScript can be submitted for every link field and will be
rendered in the frontend passed through typolink. To circumvent that,
the URI scheme and prefix "data:" will be disallowed.

Resolves: #76358
Releases: master,7.6,6.2
Security-Commit: d0eeaa3fe2f0c5736a746c10d4c43aec2bf46174
Security-Bulletins: TYPO3-CORE-SA-2016-014, 015, 016, 017, 018
Change-Id: I3920808e396d7b2b77cd5baa8beb4d6711c86d91
Reviewed-on: https://review.typo3.org/49082
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
typo3/sysext/frontend/Classes/ContentObject/ContentObjectRenderer.php
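
The check the commit message describes, sketched as an added example (not TYPO3's code and not part of this commit): a link value is normalised the way browsers normalise URLs before its scheme is compared with a deny list. The function names and the DENIED_LINK_SCHEMES constant are assumptions made for the illustration; the sample values are constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical deny list. The commit message names only "data:", so only
// that scheme is listed here.
const DENIED_LINK_SCHEMES = ['data'];

/**
 * Return the lower-cased URI scheme of a link value, or null when the value
 * has no scheme (relative path, page id, anchor).
 */
function extractLinkScheme(string $link): ?string
{
    // Browsers ignore leading/trailing C0 control characters and spaces and
    // drop tab, CR and LF anywhere in a URL, so a check on the raw string
    // would see a different scheme than the browser does.
    $normalized = trim($link, "\x00..\x20");
    $normalized = str_replace(["\t", "\r", "\n"], '', $normalized);

    // RFC 3986: scheme = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." )
    if (preg_match('/^([a-z][a-z0-9+.\-]*):/i', $normalized, $match) === 1) {
        return strtolower($match[1]);
    }
    return null;
}

/** True when the link may be rendered as an href. */
function isLinkSchemeAllowed(string $link): bool
{
    $scheme = extractLinkScheme($link);
    return $scheme === null || !in_array($scheme, DENIED_LINK_SCHEMES, true);
}

// Constructed sample link-field values.
$samples = [
    'https://example.org/page',
    '/relative/path?x=1',
    'data:text/plain,constructed-sample',
    "  DaTa:text/plain,constructed-sample",
    "da\tta:text/plain,constructed-sample",
];

foreach ($samples as $value) {
    printf(
        "%-45s %s\n",
        json_encode($value),
        isLinkSchemeAllowed($value) ? 'allowed' : 'rejected'
    );
}
```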