Commit 1fa553da authored by Wouter Wolters, committed by Andreas Fernandez

[BUGFIX] Prevent XSS in PageLayoutController

Correctly use htmlspecialchars for the link.

Resolves: #82077
Releases: master,8.7,7.6
Change-Id: I87ea4010aa187f5f601c31423fb1a0fc05a23107
Reviewed-on: https://review.typo3.org/53719

Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Wolfgang Klinger <wolfgang@wazum.com>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-by: Andreas Fernandez <typo3@scripting-base.de>
Tested-by: Andreas Fernandez <typo3@scripting-base.de>
parent cdef1854
......@@ -519,7 +519,7 @@ class PageLayoutController
} else {
$linkToPid = $this->local_linkThisScript(['id' => $targetPage['uid']]);
$path = BackendUtility::getRecordPath($targetPage['uid'], $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW), 1000);
$linkedPath = '<a href="' . $linkToPid . '">' . htmlspecialchars($path) . '</a>';
$linkedPath = '<a href="' . htmlspecialchars($linkToPid) . '">' . htmlspecialchars($path) . '</a>';
$message .= sprintf($lang->getLL('pageIsInternalLinkMessage'), $linkedPath);
}
......@@ -567,7 +567,7 @@ class PageLayoutController
$contentPage = BackendUtility::getRecord('pages', (int)$this->pageinfo['content_from_pid']);
$linkToPid = $this->local_linkThisScript(['id' => $this->pageinfo['content_from_pid']]);
$title = BackendUtility::getRecordTitle('pages', $contentPage);
$link = '<a href="' . $linkToPid . '">' . htmlspecialchars($title) . ' (PID ' . (int)$this->pageinfo['content_from_pid'] . ')</a>';
$link = '<a href="' . htmlspecialchars($linkToPid) . '">' . htmlspecialchars($title) . ' (PID ' . (int)$this->pageinfo['content_from_pid'] . ')</a>';
$message = sprintf($lang->getLL('content_from_pid_title'), $link);
$view->assignMultiple([
'title' => $title,
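Review bot: The new `htmlspecialchars($linkToPid)` calls on the changed lines of both hunks (the `$linkedPath` line in the hunk at 519 and the `$link` line in the hunk at 567) rely on the default flags, which before PHP 8.1 are ENT_COMPAT without ENT_SUBSTITUTE: single quotes pass through, and an input with an invalid UTF-8 sequence makes the function return an empty string, so a malformed `$path` or `$title` would silently drop the link text instead of rendering it escaped. Since this targets 7.6 and 8.7 as well, passing explicit flags is the defensive form: `htmlspecialchars($linkToPid, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and the same for the existing `htmlspecialchars($path)` and `htmlspecialchars($title)` calls on those lines. Whether `local_linkThisScript()` already returns an attribute-safe string cannot be seen here; if it does, the added call would double-encode `&` in the query string as `&amp;amp;`, so it is worth confirming once at the helper rather than at each call site. The enclosing methods start and end outside both hunks.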
......