Survey maker/taker html tag injection
Fixed a defect in which a user could inject HTML tags through the survey maker, which would then be rendered unescaped in the survey taker.
This commit is contained in:
parent
6a162c2a3b
commit
ec132ae151
@ -446,6 +446,11 @@ function($location, Wait, GetBasePath, LookUpInit, JobTemplateForm, CredentialLi
|
||||
|
||||
function buildHtml(question, index){
|
||||
question.index = index;
|
||||
question.question_name = question.question_name.replace(/</g, "<");
|
||||
question.question_name = question.question_name.replace(/>/g, ">");
|
||||
question.question_description = (question.question_description) ? question.question_description.replace(/</g, "<") : undefined;
|
||||
question.question_description = (question.question_description) ? question.question_description.replace(/>/g, ">") : undefined;
|
||||
|
||||
|
||||
requiredAsterisk = (question.required===true) ? "prepend-asterisk" : "";
|
||||
requiredClasses = (question.required===true) ? "ng-pristine ng-invalid-required ng-invalid" : "";
|
||||
@ -456,6 +461,9 @@ function($location, Wait, GetBasePath, LookUpInit, JobTemplateForm, CredentialLi
|
||||
if(!Empty(question.question_description)){
|
||||
html += '<div class="survey_taker_description"><i>'+question.question_description+'</i></div>\n';
|
||||
}
|
||||
|
||||
question.default = (question.default) ? question.default.replace(/</g, "<") : undefined;
|
||||
question.default = (question.default) ? question.default.replace(/>/g, ">") : undefined;
|
||||
scope[question.variable] = question.default;
|
||||
|
||||
if(question.type === 'text' ){
|
||||
@ -493,6 +501,8 @@ function($location, Wait, GetBasePath, LookUpInit, JobTemplateForm, CredentialLi
|
||||
html+='<div class="survey_taker_input" > ';
|
||||
for( j = 0; j<choices.length; j++){
|
||||
checked = (!Empty(question.default) && question.default.indexOf(choices[j])!==-1) ? "checked" : "";
|
||||
choices[j] = choices[j].replace(/</g, "<");
|
||||
choices[j] = choices[j].replace(/>/g, ">");
|
||||
html+= '<input type="'+element+'" class="mc" ng-model="'+question.variable+'" ng-required="'+question.required+'" name="'+question.variable+ ' " id="'+question.variable+'" value=" '+choices[j]+' " '+checked+' >' +
|
||||
'<span>'+choices[j] +'</span><br>' ;
|
||||
}
|
||||
|
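Review bot: Replacing only `<` and `>` leaves the attribute contexts unprotected: at `value=" '+choices[j]+' "` a choice containing a double quote closes the attribute and lets the remainder become new attributes (`onfocus=…`) with no angle bracket needed, and `question.variable` is still written raw into `ng-model`, `name` and `id`, which needs the same treatment if survey authors control the variable name. The escaping should cover `&`, `"` and `'` too, via one helper used at every insertion point, e.g. `function escapeHtml(s){ return String(s).replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;').replace(/"/g,'&quot;').replace(/'/g,'&#39;'); }`. Escaping `question.default` in place also has two side effects: `scope[question.variable] = question.default` now stores the entity-encoded text as the model value (so a default of `<x>` is submitted as `&lt;x&gt;`), and, assuming the choice loop sits in the same buildHtml as that mutation, `question.default.indexOf(choices[j])` compares an escaped default against a still-raw choice, so a default containing `<` will never render as checked — escape into locals used only for the markup instead. As rendered here the replacement strings read `"<"`/`">"`, presumably `&lt;`/`&gt;` decoded by the page, since literal `<`→`<` would be a no-op; buildHtml continues beyond these hunks.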
@ -266,6 +266,11 @@ angular.module('SurveyHelper', [ 'Utilities', 'RestServices', 'SchedulesHelper',
|
||||
// }
|
||||
|
||||
question.index = index;
|
||||
question.question_name = question.question_name.replace(/</g, "<");
|
||||
question.question_name = question.question_name.replace(/>/g, ">");
|
||||
question.question_description = (question.question_description) ? question.question_description.replace(/</g, "<") : undefined;
|
||||
question.question_description = (question.question_description) ? question.question_description.replace(/>/g, ">") : undefined;
|
||||
|
||||
|
||||
if(!$('#question_'+question.index+':eq(0)').is('div')){
|
||||
html+='<div id="question_'+question.index+'" class="question_final row"></div>';
|
||||
@ -281,6 +286,8 @@ angular.module('SurveyHelper', [ 'Utilities', 'RestServices', 'SchedulesHelper',
|
||||
|
||||
if(question.type === 'text' ){
|
||||
defaultValue = (question.default) ? question.default : "";
|
||||
defaultValue = defaultValue.replace(/</g, "<");
|
||||
defaultValue = defaultValue.replace(/>/g, ">");
|
||||
html+='<div class="row">'+
|
||||
'<div class="col-xs-8">'+
|
||||
'<input type="text" placeholder="'+defaultValue+'" class="form-control ng-pristine ng-invalid-required ng-invalid final" required="" readonly>'+
|
||||
@ -288,6 +295,8 @@ angular.module('SurveyHelper', [ 'Utilities', 'RestServices', 'SchedulesHelper',
|
||||
}
|
||||
if(question.type === "textarea"){
|
||||
defaultValue = (question.default) ? question.default : (question.default_textarea) ? question.default_textarea: "" ;
|
||||
defaultValue = defaultValue.replace(/</g, "<");
|
||||
defaultValue = defaultValue.replace(/>/g, ">");
|
||||
html+='<div class="row">'+
|
||||
'<div class="col-xs-8">'+
|
||||
'<textarea class="form-control ng-pristine ng-invalid-required ng-invalid final" required="" rows="3" readonly>'+defaultValue+'</textarea>'+
|
||||
@ -300,6 +309,8 @@ angular.module('SurveyHelper', [ 'Utilities', 'RestServices', 'SchedulesHelper',
|
||||
|
||||
for( i = 0; i<choices.length; i++){
|
||||
checked = (!Empty(question.default) && question.default.indexOf(choices[i])!==-1) ? "checked" : "";
|
||||
choices[i] = choices[i] .replace(/</g, "<");
|
||||
choices[i] = choices[i] .replace(/>/g, ">");
|
||||
html+= '<input type="'+element+'" class="mc" ng-required="!'+question.variable+'" name="'+question.variable+ ' " id="'+question.variable+'" value=" '+choices[i]+' " '+checked+' >' +
|
||||
'<span>'+choices[i] +'</span><br>' ;
|
||||
}
|
||||
|
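Review bot: The `placeholder="'+defaultValue+'"` line is still injectable after this change, because only `<` and `>` are replaced while a double quote in the default closes the attribute and turns the rest of the value into new attributes (`onmouseover=…`), no angle brackets required. The same applies to `value=" '+choices[i]+' "`, and `question.variable` goes raw into `ng-required="!…"`, `name` and `id`, which is an Angular expression context if the variable name is author-controlled. The four duplicated `.replace(/</g, …)`/`.replace(/>/g, …)` pairs should become one helper that also encodes `&`, `"` and `'`, e.g. `var escapeHtml = function(s){ return String(s).replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;').replace(/"/g,'&quot;').replace(/'/g,'&#39;'); };`, applied at each insertion point and never to the model values themselves. As rendered here the replacement strings read `"<"`/`">"`, presumably `&lt;`/`&gt;` decoded by the page; the function enclosing these hunks starts before the first one and ends after the last.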