From c5966961dac87fd9978adce5144d0a964d7a3edc Mon Sep 17 00:00:00 2001
From: Marcus Hill
Date: Sat, 29 Apr 2023 12:34:14 +0100
Subject: [PATCH] Sanitize ticket details output in main edit modal
---
 ticket_edit_modal.php | 2 +-
 tickets.php | 8 +++++++-
 2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/ticket_edit_modal.php b/ticket_edit_modal.php
index ef5fac41..e245648a 100644
--- a/ticket_edit_modal.php
+++ b/ticket_edit_modal.php
@@ -45,7 +45,7 @@
- +
diff --git a/tickets.php b/tickets.php
index 34e8ca1d..5f2a4ec0 100644
--- a/tickets.php
+++ b/tickets.php
@@ -6,6 +6,12 @@ $o = "DESC";
 require_once("inc_all.php");
+//Initialize the HTML Purifier to prevent XSS
+require("plugins/htmlpurifier/HTMLPurifier.standalone.php");
+$purifier_config = HTMLPurifier_Config::createDefault();
+$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
+$purifier = new HTMLPurifier($purifier_config);
+
 // Ticket status from GET
 if (!isset($_GET['status'])) {
 // If nothing is set, assume we only want to see open tickets
@@ -261,7 +267,7 @@ $user_active_assigned_tickets = intval($row['total_tickets_assigned']);
 $ticket_prefix = htmlentities($row['ticket_prefix']);
 $ticket_number = intval($row['ticket_number']);
 $ticket_subject = htmlentities($row['ticket_subject']);
-    $ticket_details = htmlentities($row['ticket_details']);
+    $ticket_details = $purifier->purify($row['ticket_details']);
 $ticket_priority = htmlentities($row['ticket_priority']);
 $ticket_status = htmlentities($row['ticket_status']);
 $ticket_created_at = htmlentities($row['ticket_created_at']);
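Review bot: The `'src' => true` entry in the `URI.AllowedSchemes` list is not a URI scheme and, as far as I can tell, has no effect in HTML Purifier; it reads like a confusion with the `src` attribute and should be dropped so the policy is not misread. The list also replaces the library's default allowed schemes rather than extending them, so a `mailto:` link inside ticket details would be stripped — fine if intended, but worth a comment. Allowing `data:` is the real policy decision in this hunk: HTML Purifier restricts that scheme to inline image payloads by default, but it still lets embedded images into the modal, so state the reason, e.g. `// data: is needed so inline images pasted into ticket details survive purification`. Finally `require(...)` should be `require_once(...)` so a second inclusion of the standalone file (for example from another page that already loads the purifier) does not fatal on class redeclaration.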
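Review bot: After the change at line 267 `$ticket_details` holds purifier-approved HTML rather than an entity-escaped string, so every consumer must echo it raw; passing it through `htmlentities()` again at the output site would double-encode it, while treating any other `$row` field the same way would reintroduce XSS. The patch is only safe if the modal (the one-line change in ticket_edit_modal.php, whose content is not legible here) is the sole place this variable is printed and no other output of `$row['ticket_details']` on this page still expects the escaped form — worth a comment on the assignment, e.g. `// purified HTML: output as-is, do not re-escape`. Note also that `purify()` is comparatively expensive and this assignment appears to sit inside a per-row loop, so long ticket lists pay for purifying details that are only shown when a modal is opened; that is an inference, since the enclosing loop starts outside the hunk.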