fix some XSS

diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/views/dashboard/no_dashboard.html.erb b/server/sonar-web/src/main/webapp/WEB-INF/app/views/dashboard/no_dashboard.html.erb
index 8802eb19301c7d6bb2cf086e1da1ff402ea3605f..cafd00d02e6f682cb8df3ebbeec9f7e25f869353 100644 (file)
--- a/server/sonar-web/src/main/webapp/WEB-INF/app/views/dashboard/no_dashboard.html.erb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/app/views/dashboard/no_dashboard.html.erb
@@ -6,7 +6,7 @@
 <div id="accordion-panel"></div>
 
 <script type="text/javascript">
-  window.fileKey = '<%= @file.key -%>';
-  window.metric = '<%= @metric -%>';
+  window.fileKey = '<%= escape_javascript @file.key -%>';
+  window.metric = '<%= escape_javascript @metric -%>';
   document.getElementById('crumbs').remove();
 </script>

diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/views/drilldown/issues.html.erb b/server/sonar-web/src/main/webapp/WEB-INF/app/views/drilldown/issues.html.erb
index 1f9d2a805bd7ffc2e89ce464d2a8a69f3ce3f736..be2d71956a754a815f05df02a81b6be733e04ece 100644 (file)
--- a/server/sonar-web/src/main/webapp/WEB-INF/app/views/drilldown/issues.html.erb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/app/views/drilldown/issues.html.erb
@@ -227,9 +227,9 @@
 
   window.drilldown = {
     metric: null,
-    rule: <% if @rule %>'<%= @rule.key -%>'<% else %>null<% end %>,
-    severity: <% if @severity %>'<%= @severity -%>'<% else %>null<% end %>,
-    period: <% if @period %><%= @period -%><% else %>null<% end %>
+    rule: <% if @rule %>'<%= escape_javascript @rule.key -%>'<% else %>null<% end %>,
+    severity: <% if @severity %>'<%= escape_javascript @severity -%>'<% else %>null<% end %>,
+    period: <% if @period %><%= escape_javascript @period -%><% else %>null<% end %>
   };
 </script>
 

diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/views/drilldown/measures.html.erb b/server/sonar-web/src/main/webapp/WEB-INF/app/views/drilldown/measures.html.erb
index 56e4d0500d72d773fed5f36a0e76c427d0a8299b..ce20188a8d2cbb4398d49f0d262e99b70275d168 100644 (file)
--- a/server/sonar-web/src/main/webapp/WEB-INF/app/views/drilldown/measures.html.erb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/app/views/drilldown/measures.html.erb
@@ -8,7 +8,7 @@
   <div id="snapshot_title" class="page_title">
     <h4>
       <form method="GET" action="<%= url_for :action => 'measures' -%>" style="display: inline">
-        <input type="hidden" name="metric" value="<%= params[:metric] -%>"/>
+        <input type="hidden" name="metric" value="<%= h params[:metric] -%>"/>
 
         <select id="select-comparison" name="period" onchange="submit()">
           <% if @drilldown.display_value? %>
@@ -121,10 +121,10 @@
   <% end %>
 
   window.drilldown = {
-    metric: <% if @metric %>'<%= @metric.key -%>'<% else %>null<% end %>,
+    metric: <% if @metric %>'<%= escape_javascript @metric.key -%>'<% else %>null<% end %>,
     rule: null,
     severity: null,
-    period: <% if @period %><%= @period -%><% else %>null<% end %>
+    period: <% if @period %><%= escape_javascript @period -%><% else %>null<% end %>
   };
 </script>