-rw-r--r-- | apps/dashboard/lib/Controller/LayoutApiController.php | 2 | ||||
-rw-r--r-- | lib/private/Files/Filesystem.php | 1 | ||||
-rw-r--r-- | lib/private/legacy/OC_App.php | 4 |
3 files changed, 5 insertions, 2 deletions
diff --git a/apps/dashboard/lib/Controller/LayoutApiController.php b/apps/dashboard/lib/Controller/LayoutApiController.php
index 755470b7b07..8eb01be497e 100644
--- a/apps/dashboard/lib/Controller/LayoutApiController.php
+++ b/apps/dashboard/lib/Controller/LayoutApiController.php
@@ -31,7 +31,6 @@ use OCP\IConfig;
 use OCP\IRequest;
 class LayoutApiController extends OCSController {
-
 /** @var IConfig */
 private $config;
 /** @var string */
@@ -56,6 +55,7 @@ class LayoutApiController extends OCSController {
 * @return JSONResponse
 */
 public function create(string $layout): JSONResponse {
+ $layout = htmlspecialchars($layout);
 $this->config->setUserValue($this->userId, 'dashboard', 'layout', $layout);
 return new JSONResponse(['layout' => $layout]);
 }
diff --git a/lib/private/Files/Filesystem.php b/lib/private/Files/Filesystem.php
index 367982eed72..c50fa1f9de9 100644
--- a/lib/private/Files/Filesystem.php
+++ b/lib/private/Files/Filesystem.php
@@ -642,6 +642,7 @@ class Filesystem {
 * @param bool $stripTrailingSlash whether to strip the trailing slash
 * @param bool $isAbsolutePath whether the given path is absolute
 * @param bool $keepUnicode true to disable unicode normalization
+ * @psalm-taint-escape file
 * @return string
 */
 public static function normalizePath($path, $stripTrailingSlash = true, $isAbsolutePath = false, $keepUnicode = false) {
diff --git a/lib/private/legacy/OC_App.php b/lib/private/legacy/OC_App.php
index b28b2d38fbd..b1da6a1d2fb 100644
--- a/lib/private/legacy/OC_App.php
+++ b/lib/private/legacy/OC_App.php
@@ -85,12 +85,14 @@ class OC_App {
 *
 * @psalm-taint-escape file
 * @psalm-taint-escape include
+ * @psalm-taint-escape html
+ * @psalm-taint-escape has_quotes
 *
 * @param string $app AppId that needs to be cleaned
 * @return string
 */
 public static function cleanAppId(string $app): string {
- return str_replace(['\0', '/', '\\', '..'], '', $app);
+ return str_replace(['<', '>', '"', "'", '\0', '/', '\\', '..'], '', $app);
 }
 /**
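Review bot: In `create()`, `htmlspecialchars($layout)` is output escaping applied at the input boundary, and the escaped value is then both persisted through `setUserValue()` and echoed back in the `JSONResponse`, so any `&` in a layout is stored and returned as `&amp;` and the stored value is no longer usable for non-HTML contexts. The layout is presumably a comma-separated list of widget ids (confirm against the dashboard frontend), so a strict allowlist check is the right fix: `if (!preg_match('/^[a-zA-Z0-9_,-]*$/', $layout)) { return new JSONResponse(['message' => 'Invalid layout'], Http::STATUS_BAD_REQUEST); }` placed before the `setUserValue()` call, with the `htmlspecialchars()` line dropped (`Http` is `OCP\AppFramework\Http`; add the import if the file lacks it). If the escape is nonetheless kept to satisfy the taint model, note that before PHP 8.1 the default flags do not escape single quotes, so pass `ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'` explicitly.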
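Review bot: Adding `@psalm-taint-escape file` to `normalizePath()` declares a normalizer to be a sanitizer: every path that flows through it will from now on be treated by Psalm as safe for file sinks, which is only sound if the body (outside this hunk) actually strips `..` segments and NUL bytes rather than merely collapsing slashes and normalizing Unicode, and even then it says nothing about the result staying inside the caller's root. The docblock should record the invariant the annotation depends on, for example ` * @psalm-taint-escape file — relies on the ".." and NUL handling below; does not confine the path to a user root, callers still need view-level checks.` A unit test pinning the `..`, `\0` and Unicode-normalization cases would keep the annotation honest if the implementation changes later.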
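Review bot: In the new `return str_replace([...])` line of `cleanAppId()`, `'\0'` is a single-quoted PHP string and therefore the two characters backslash and zero, not a NUL byte; a real NUL in `$app` survives this function, so the `file`/`include` escape claims that this commit now extends to `html` and `has_quotes` rest on a blocklist that misses it. The minimal fix is `"\0"` in double quotes. More generally, app ids are presumably restricted to `[a-zA-Z0-9_]` (confirm against the app-id rules), so an allowlist is both simpler and the only thing a taint escape should be backed by: `return preg_replace('/[^a-zA-Z0-9_]/', '', $app);` replaces the whole blocklist and makes all four escape annotations trivially true.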