ICEfaces
  1. ICEfaces
  2. ICE-7658

CLONE -Output components don't escape JavaScript

          Details

          • Type: Bug Bug
          • Status: Closed
          • Priority: Major Major
          • Resolution: Fixed
          • Affects Version/s: 1.8.2-EE-GA_P01, 2.0-Beta2
          • Fix Version/s: EE-1.8.2.GA_P04
          • Component/s: Framework, ICE-Components
          • Labels:
            None
          • Environment:
            All
          • Workaround Exists:
            Yes
          • Workaround Description:
            Hide
            Escape the value before passing it in:

            import com.icesoft.faces.util.DOMUtils;

            escaped = DOMUtils.escapeAnsi(value);
            Show
            Escape the value before passing it in: import com.icesoft.faces.util.DOMUtils; escaped = DOMUtils.escapeAnsi(value);

            Description

            The ICEfaces output component are not escaped by default which makes them vulnerable to cross site scripting attacks. The <ice:outputText> uses the escape attribute but the other output components do not (ex: <ice:selectOneMenu/>). Doing a test in a pure JSF application reveals that the JSF framework by default filters/escapes JavaScript by default.

              Activity

              Ascending order - Click to sort in descending order
              Arran Mccullough created issue -
              Arran Mccullough made changes -
              Field Original Value New Value
              Salesforce Case [5007000000C47HV] [5007000000KENdT]
              Fix Version/s EE-1.8.2.GA_P04 [ 10280 ]
              Fix Version/s 2.0.0 [ 10230 ]
              Hide
              Permalink
              Arran Mccullough added a comment -

              Customer has requested that the fixes made on the 2.x code base be added to the 1.8.x code.

              Show
              Arran Mccullough added a comment - Customer has requested that the fixes made on the 2.x code base be added to the 1.8.x code.
              Hide
              Permalink
              Ted Goddard added a comment -

              Were commits previously made on the original JIRA? If so, which one is it?

              Show
              Ted Goddard added a comment - Were commits previously made on the original JIRA? If so, which one is it?
              Ted Goddard made changes -
              Assignee Ted Goddard [ ted.goddard ] Arran Mccullough [ arran.mccullough ]
              Hide
              Permalink
              Arran Mccullough added a comment -

              Good question, I thought cloning it would link the old JIRA too. Here is the other JIRA: http://jira.icefaces.org/browse/ICE-5854

              Show
              Arran Mccullough added a comment - Good question, I thought cloning it would link the old JIRA too. Here is the other JIRA: http://jira.icefaces.org/browse/ICE-5854
              Arran Mccullough made changes -
              Assignee Arran Mccullough [ arran.mccullough ] Ted Goddard [ ted.goddard ]
              Repository Revision Date User Message
              ICEsoft Public SVN Repository #27215 Tue Jan 17 10:22:52 MST 2012 ted.goddard ensure label is escaped (ICE-7658)
              Files Changed
              Commit graph MODIFY /icefaces3/trunk/icefaces/compat/core/src/main/java/com/icesoft/faces/renderkit/dom_html_basic/SelectManyCheckboxListRenderer.java
              Repository Revision Date User Message
              ICEsoft Public SVN Repository #27216 Tue Jan 17 10:32:23 MST 2012 ted.goddard backported output escaping from ICE-5854 (ICE-7658)
              Files Changed
              Commit graph MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/renderkit/dom_html_basic/SelectManyCheckboxListRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/outputprogress/OutputProgressRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/paneltabset/PanelTabSetRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/panelcollapsible/PanelCollapsibleRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/paneldivider/PanelDividerRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/renderkit/dom_html_basic/LabelRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/renderkit/dom_html_basic/CommandLinkRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/renderkit/dom_html_basic/MessageRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/selectinputtext/SelectInputTextRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/context/DOMContext.java
              Commit graph MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/renderkit/dom_html_basic/OutputMessageRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/outputconnectionstatus/OutputConnectionStatusRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/renderkit/dom_html_basic/RadioRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/outputchart/OutputChart.java
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/inputrichtext/InputRichTextRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/ext/renderkit/TableRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/renderkit/dom_html_basic/MenuRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/renderkit/dom_html_basic/TextRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/selectinputdate/SelectInputDateRenderer.java
              Hide
              Permalink
              Ted Goddard added a comment -

              Fix backported to icefaces/trunk/icefaces.

              Full regression testing is necessary since a large number of components were modified.

              Show
              Ted Goddard added a comment - Fix backported to icefaces/trunk/icefaces. Full regression testing is necessary since a large number of components were modified.
              Ted Goddard made changes -
              Status Open [ 1 ] Resolved [ 5 ]
              Resolution Fixed [ 1 ]
              Repository Revision Date User Message
              ICEsoft Public SVN Repository #28673 Tue Apr 10 14:40:53 MDT 2012 ted.goddard corrected double-escaping cases (ICE-7658)
              Files Changed
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/menubar/MenuItemRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/selectinputtext/SelectInputTextRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/renderkit/dom_html_basic/OutputMessageRenderer.java
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/outputconnectionstatus/OutputConnectionStatusRenderer.java
              Ken Fyten made changes -
              Status Resolved [ 5 ] Closed [ 6 ]

                People

                • Assignee:
                  Ted Goddard
                  Reporter:
                  Arran Mccullough
                • Votes:
                  1 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: