Commit 2dfa614c, authored Jan 24, 2019 by Constance Okoghenun; committed by Yorick Peterse, Jan 24, 2019
[master] Resolve "[Security] Stored XSS via KaTeX"
Parent: cb3e3835
Changes: 2 changed files with 22 additions and 1 deletion (+22 / -1)
- changelogs/unreleased/security-stored-xss-via-katex.yml (+5 / -0)
- spec/features/markdown/math_spec.rb (+17 / -1)
changelogs/unreleased/security-stored-xss-via-katex.yml (new file, mode 100644)
---
title
:
Fixed XSS content in KaTex links
merge_request
:
author
:
type
:
security
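Review bot: The changelog title spells the library "KaTex" while the commit subject uses "KaTeX"; use "KaTeX" so the entry matches the project name. `merge_request:` and `author:` are left blank; if the merge request number is deliberately not published for a security fix that is fine, otherwise fill it in so the entry links back to the review.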
spec/features/markdown/math_spec.rb
require
'spec_helper'
require
'spec_helper'
describe
'Math rendering'
,
:js
do
describe
'Math rendering'
,
:js
do
let!
(
:project
)
{
create
(
:project
,
:public
)
}
it
'renders inline and display math correctly'
do
it
'renders inline and display math correctly'
do
description
=
<<~
MATH
description
=
<<~
MATH
This math is inline $`a^2+b^2=c^2`$.
This math is inline $`a^2+b^2=c^2`$.
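Review bot: `let!(:project) { create(:project, :public) }` is evaluated eagerly before every example whether or not it is used; both examples in this file reference `project` directly when they build their issue, so a lazy `let` gives the same behaviour with one fewer unconditional database write per example. Not blocking.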
...
@@ -11,7 +13,6 @@ describe 'Math rendering', :js do
...
@@ -11,7 +13,6 @@ describe 'Math rendering', :js do
```
```
MATH
MATH
project
=
create
(
:project
,
:public
)
issue
=
create
(
:issue
,
project:
project
,
description:
description
)
issue
=
create
(
:issue
,
project:
project
,
description:
description
)
visit
project_issue_path
(
project
,
issue
)
visit
project_issue_path
(
project
,
issue
)
...
@@ -19,4 +20,19 @@ describe 'Math rendering', :js do
...
@@ -19,4 +20,19 @@ describe 'Math rendering', :js do
expect
(
page
).
to
have_selector
(
'.katex .mord.mathdefault'
,
text:
'b'
)
expect
(
page
).
to
have_selector
(
'.katex .mord.mathdefault'
,
text:
'b'
)
expect
(
page
).
to
have_selector
(
'.katex-display .mord.mathdefault'
,
text:
'b'
)
expect
(
page
).
to
have_selector
(
'.katex-display .mord.mathdefault'
,
text:
'b'
)
end
end
it
'only renders non XSS links'
do
description
=
<<~
MATH
This link is valid $`
\\
href{javascript:alert('xss');}{xss}`$.
This link is valid $`
\\
href{https://gitlab.com}{Gitlab}`$.
MATH
issue
=
create
(
:issue
,
project:
project
,
description:
description
)
visit
project_issue_path
(
project
,
issue
)
expect
(
page
).
to
have_selector
(
'.katex-error'
,
text:
"
\h
ref{javascript:alert('xss');}{xss}"
)
expect
(
page
).
to
have_selector
(
'.katex-html a'
,
text:
'Gitlab'
)
end
end
end
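Review bot: The regression check for the `javascript:` link only asserts that KaTeX emitted a `.katex-error` element containing the source text; add a negative assertion such as `expect(page).not_to have_selector('.katex-html a[href^="javascript:"]')` so the example still fails if a later KaTeX version stops reporting `\href` as an error yet renders the anchor anyway. Two smaller points: the description reads "This link is valid" for the `javascript:` line, where "invalid" appears to be intended; and the expected text is a double-quoted Ruby string in which `\h` is not a recognised escape, so the backslash is dropped and the literal becomes `href{javascript:alert('xss');}{xss}` (it still matches because `text:` is a substring match); a single-quoted string keeps the backslash and states the intent exactly.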