Merge pull request #721 from kiwix/xssVul

Use encoded URLs for searchSuggestionHtml
Kelson 2022-03-09 14:33:11 +01:00 committed by GitHub
commit f893777dc0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 2 deletions


@ -798,7 +798,7 @@ std::unique_ptr<Response> InternalServer::handle_content(const RequestContext& r
} catch (const std::out_of_range& e) {} } catch (const std::out_of_range& e) {}
if (archive == nullptr) { if (archive == nullptr) {
std::string searchURL = m_root+"/search?pattern="+pattern; // Make a full search on the entire library. std::string searchURL = m_root + "/search?pattern=" + kiwix::urlEncode(pattern, true); // Make a full search on the entire library.
const std::string details = searchSuggestionHTML(searchURL, kiwix::urlDecode(pattern)); const std::string details = searchSuggestionHTML(searchURL, kiwix::urlDecode(pattern));
return Response::build_404(*this, request.get_full_url(), bookName, "", details); return Response::build_404(*this, request.get_full_url(), bookName, "", details);
@ -831,7 +831,7 @@ std::unique_ptr<Response> InternalServer::handle_content(const RequestContext& r
if (m_verbose.load()) if (m_verbose.load())
printf("Failed to find %s\n", urlStr.c_str()); printf("Failed to find %s\n", urlStr.c_str());
std::string searchURL = m_root+"/search?content="+bookName+"&pattern="+pattern; // Make a search on this specific book only. std::string searchURL = m_root + "/search?content=" + bookName + "&pattern=" + kiwix::urlEncode(pattern, true); // Make a search on this specific book only.
const std::string details = searchSuggestionHTML(searchURL, kiwix::urlDecode(pattern)); const std::string details = searchSuggestionHTML(searchURL, kiwix::urlDecode(pattern));
return Response::build_404(*this, request.get_full_url(), bookName, getArchiveTitle(*archive), details); return Response::build_404(*this, request.get_full_url(), bookName, getArchiveTitle(*archive), details);
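Review bot: In the second hunk `bookName` is still spliced into the query string unencoded while `pattern` now goes through `kiwix::urlEncode`, so a book name containing `&`, `=`, `"` or whitespace would still yield a malformed or attribute-breaking `searchURL`; the consistent form is `std::string searchURL = m_root + "/search?content=" + kiwix::urlEncode(bookName, true) + "&pattern=" + kiwix::urlEncode(pattern, true);`. Whether a loaded book's name can carry such characters depends on how it is derived from the request path outside this hunk, but encoding every value placed in a query string is the safer default and keeps the two hunks parallel. Separately, `pattern` is run through `kiwix::urlDecode` for the link text on the following line, which suggests it may still be in its percent-encoded request form; if so, `urlEncode(pattern, true)` double-encodes and the generated link searches for the literal `%XX` sequences, which is worth pinning with a test whose request path uses `%22` rather than a raw quote (the new test cases only send raw characters). handle_content begins before the first hunk and continues past the second.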


@ -512,6 +512,30 @@ TEST_F(ServerTest, 404WithBodyTesting)
</p> </p>
)" }, )" },
{ /* url */ R"(/ROOT/"><svg onload=alert(1)>)",
/* expected body */ R"(
<h1>Not Found</h1>
<p>
The requested URL "/ROOT/&quot;&gt;&lt;svg onload=alert(1)&gt;" was not found on this server.
</p>
<p>
Make a full text search for <a href="/ROOT/search?pattern=%22%3E%3Csvg%20onload%3Dalert(1)%3E">&quot;&gt;&lt;svg onload=alert(1)&gt;</a>
</p>
)" },
{ /* url */ R"(/ROOT/zimfile/"><svg onload=alert(1)>)",
/* book name */ "zimfile",
/* book title */ "Ray Charles",
/* expected body */ R"(
<h1>Not Found</h1>
<p>
The requested URL "/ROOT/zimfile/&quot;&gt;&lt;svg onload=alert(1)&gt;" was not found on this server.
</p>
<p>
Make a full text search for <a href="/ROOT/search?content=zimfile&pattern=%22%3E%3Csvg%20onload%3Dalert(1)%3E">&quot;&gt;&lt;svg onload=alert(1)&gt;</a>
</p>
)" },
{ /* url */ "/ROOT/raw/no-such-book/meta/Title", { /* url */ "/ROOT/raw/no-such-book/meta/Title",
/* expected body */ R"( /* expected body */ R"(
<h1>Not Found</h1> <h1>Not Found</h1>