[SECURITY] Escape caption of media using css_styled_content 84/45284/2
author Georg Ringer <georg.ringer@gmail.com>
Tue, 15 Dec 2015 10:38:47 +0000 (11:38 +0100)
committer Oliver Hader <oliver.hader@typo3.org>
Tue, 15 Dec 2015 10:38:57 +0000 (11:38 +0100)
The caption must be escaped. As this is only a textarea, the parsefunc
is not needed.

Furthermore, the fields "altText" and "titleText" use htmlspecialchars instead of stripHtml.

Resolves: #41690
Releases: master, 6.2
Security-Commit: 2cfa39c452a35286deffdac4f0a03314e6f6ee69
Security-Bulletins: TYPO3-CORE-SA-2015-010, 011, 012, 013, 014, 015
Change-Id: I17a43cfa860c058054cd73f6ab751edfa91a02ce
Reviewed-on: https://review.typo3.org/45284
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
typo3/sysext/css_styled_content/static/setup.txt
typo3/sysext/css_styled_content/static/v6.2/setup.txt

index afcae4e..a3d9c53 100644 (file)
@@ -739,7 +739,7 @@ tt_content.image.20 {
                altText = TEXT
                altText {
                        data = file:current:alternative
-                       stripHtml = 1
+                       htmlSpecialChars = 1
                }
 
                titleText < .altText
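Review bot: switching altText from `stripHtml = 1` to `htmlSpecialChars = 1` is the correct escaping for attribute context, because stripHtml only removes tags and leaves `"`, `<` and `&` untouched, so a double quote in the stored alternative text could still terminate the `alt="..."` attribute early, while htmlSpecialChars encodes exactly those characters. The trailing context line `titleText < .altText` copies the whole altText configuration, so the `title` attribute inherits the new escaping without a separate change; that is worth stating explicitly in the commit message so nobody looks for a missing titleText hunk.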
@@ -785,7 +785,7 @@ tt_content.image.20 {
                        1 {
                                data = file:current:description
                                required = 1
-                               parseFunc =< lib.parseFunc
+                               htmlSpecialChars = 1
                                br = 1
                        }
                }
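Review bot: replacing `parseFunc =< lib.parseFunc` with `htmlSpecialChars = 1` depends on stdWrap's fixed property order, in which htmlSpecialChars is applied before `br`, so the `<br>` tags that `br = 1` inserts for newlines in the description are not themselves escaped; a one-line comment next to `htmlSpecialChars = 1` would stop a later "cleanup" from reordering or merging these properties and silently re-opening the hole. The change also means any markup editors may have typed into captions is now rendered literally; the commit message gives the reason (the caption is a plain textarea), but a changelog entry for integrators who relied on parseFunc output in captions would be helpful.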
index f25a603..60b892f 100644 (file)
@@ -751,7 +751,7 @@ tt_content.image.20 {
                altText = TEXT
                altText {
                        data = file:current:alternative
-                       stripHtml = 1
+                       htmlSpecialChars = 1
                }
 
                titleText < .altText
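Review bot: identical to the corresponding hunk in the master setup.txt, which is what this change needs since both copies are shipped; the maintenance point is that the two files are kept in sync by hand, so a comment in each altText block pointing at the sibling file (or a later de-duplication of the shared block) would lower the risk of a future security fix landing in only one copy.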
@@ -797,7 +797,7 @@ tt_content.image.20 {
                        1 {
                                data = file:current:description
                                required = 1
-                               parseFunc =< lib.parseFunc
+                               htmlSpecialChars = 1
                                br = 1
                        }
                }
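Review bot: same caption change for the v6.2 configuration; the `required = 1` context line is evaluated before htmlSpecialChars in stdWrap order, so an empty description still suppresses the caption as before and the fix does not alter that behaviour. The hunk offsets differ from the master copy (797 versus 785), which confirms these are separately maintained files rather than one shared include, so the sync caveat raised on the previous file applies here as well.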