[Rt-commit] rt branch 5.0/article-html-content updated. rt-5.0.2-87-g0504fc12ad
BPS Git Server
git at git.bestpractical.com
Mon Mar 14 21:52:51 UTC 2022
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "rt".
The branch, 5.0/article-html-content has been updated
via 0504fc12ad55b3bfa30ac990b39e6822c4f35276 (commit)
from 65142d1da912a09de8a009df1252a12064e5e2e3 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 0504fc12ad55b3bfa30ac990b39e6822c4f35276
Author: sunnavy <sunnavy at bestpractical.com>
Date: Sat Mar 12 04:28:20 2022 +0800
Scrub permissively for non-ticket related custom field values
Ticket and transaction custom fields are scrubbed normally, as in many cases they
can be set by external sources, which are not fully trustworthy.
diff --git a/lib/RT/Interface/Web.pm b/lib/RT/Interface/Web.pm
index c02f49af75..efe4af7447 100644
--- a/lib/RT/Interface/Web.pm
+++ b/lib/RT/Interface/Web.pm
@@ -70,6 +70,7 @@ use URI qw();
use RT::Interface::Web::Menu;
use RT::Interface::Web::Session;
use RT::Interface::Web::Scrubber;
+use RT::Interface::Web::Scrubber::Permissive;
use Digest::MD5 ();
use List::MoreUtils qw();
use JSON qw();
@@ -4708,7 +4709,7 @@ sub _parse_saved_search {
return ( _load_container_object( $obj_type, $obj_id ), $search_id );
}
-=head2 ScrubHTML content
+=head2 ScrubHTML Content => CONTENT, Permissive => 1|0
Removes unsafe and undesired HTML from the passed content
@@ -4721,14 +4722,18 @@ Removes unsafe and undesired HTML from the passed content
our $ReloadScrubber;
sub ScrubHTML {
+ my %args = @_ % 2 ? ( Content => @_ ) : @_;
+
state $scrubber = RT::Interface::Web::Scrubber->new;
+ state $permissive_scrubber = RT::Interface::Web::Scrubber::Permissive->new;
if ( $HTML::Mason::Commands::ReloadScrubber ) {
$scrubber = RT::Interface::Web::Scrubber->new;
+ $permissive_scrubber = RT::Interface::Web::Scrubber::Permissive->new;
$HTML::Mason::Commands::ReloadScrubber = 0;
}
- return $scrubber->scrub(@_);
+ return ( $args{Permissive} ? $permissive_scrubber : $scrubber )->scrub( $args{Content} );
}
=head2 JSON
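Review bot: The `Permissive` key is the only thing that selects the looser scrubber, yet the `=head2` text changed in the preceding hunk names the key without stating its default or its precondition; it should say that `Permissive` defaults to 0 (the standard scrubber), that 1 is meant only for content authored by trusted users, and that a single positional argument is still accepted as `Content` for backward compatibility. The arity heuristic on the `my %args = @_ % 2 ? ( Content => @_ ) : @_;` line also mis-parses an even-length call such as `ScrubHTML($content, 'Permissive')` into `%args = ($content => 'Permissive')`, so `Content` becomes undef and the function quietly returns the scrub of nothing; a comment on that line, `# odd arity = legacy positional call: ScrubHTML($content)`, at least makes the convention visible to callers. The strict scrubber being chosen whenever the key is absent or false is the right fail-safe direction and is worth stating in the POD as well.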
diff --git a/lib/RT/Interface/Web/Scrubber/Permissive.pm b/lib/RT/Interface/Web/Scrubber/Permissive.pm
new file mode 100644
index 0000000000..f21cc5d025
--- /dev/null
+++ b/lib/RT/Interface/Web/Scrubber/Permissive.pm
@@ -0,0 +1,137 @@
+# BEGIN BPS TAGGED BLOCK {{{
+#
+# COPYRIGHT:
+#
+# This software is Copyright (c) 1996-2021 Best Practical Solutions, LLC
+# <sales at bestpractical.com>
+#
+# (Except where explicitly superseded by other copyright notices)
+#
+#
+# LICENSE:
+#
+# This work is made available to you under the terms of Version 2 of
+# the GNU General Public License. A copy of that license should have
+# been provided with this software, but in any event can be snarfed
+# from www.gnu.org.
+#
+# This work is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 or visit their web page on the internet at
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
+#
+#
+# CONTRIBUTION SUBMISSION POLICY:
+#
+# (The following paragraph is not intended to limit the rights granted
+# to you to modify and distribute this software under the terms of
+# the GNU General Public License and is only of importance to you if
+# you choose to contribute your changes and enhancements to the
+# community by submitting them to Best Practical Solutions, LLC.)
+#
+# By intentionally submitting any modifications, corrections or
+# derivatives to this work, or any other work intended for use with
+# Request Tracker, to Best Practical Solutions, LLC, you confirm that
+# you are the copyright holder for those contributions and you grant
+# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
+# royalty-free, perpetual, license to use, copy, create derivative
+# works based on those contributions, and sublicense and distribute
+# those contributions and any derivatives thereof.
+#
+# END BPS TAGGED BLOCK }}}
+
+package RT::Interface::Web::Scrubber::Permissive;
+use strict;
+use warnings;
+use 5.010;
+use base qw/RT::Interface::Web::Scrubber/;
+
+
+=head1 NAME
+
+RT::Interface::Web::Scrubber::Permissive
+
+=head1 DESCRIPTION
+
+This is a subclass of RT::Interface::Web::Scrubber. As a permissive version,
+it's more suitable for trusted content. It allows most things except scripts
+and comments by default.
+
+=head1 VARIABLES
+
+These variables can be altered by creating a C<Permissive_Local.pm> file,
+containing something of the form:
+
+ package RT::Interface::Web::Scrubber::Permissive;
+
+ # Deny the "style" attribute
+ $ATTRIBUTES{style} = 0;
+
+=over
+
+=item C<@DENIED_TAGS>
+
+Passed to L<HTML::Scrubber/deny>.
+
+=item C<%ATTRIBUTES>
+
+Passed into L<HTML::Scrubber/default>.
+
+=item C<%RULES>
+
+Passed to L<HTML::Scrubber/rules>.
+
+=back
+
+=cut
+
+our ( @DENIED_TAGS, %RULES );
+
+# Initally from PermissiveHTMLMail extension.
+our %ATTRIBUTES = (
+ '*' => 1,
+ 'href' => qr{^(?!(?:java)?script)}i,
+ 'src' => qr{^(?!(?:java)?script)}i,
+ 'cite' => qr{^(?!(?:java)?script)}i,
+ (
+ map { +( "on$_" => 0 ) }
+ qw/blur change click dblclick error focus
+ keydown keypress keyup load mousedown
+ mousemove mouseout mouseover mouseup reset
+ select submit unload/
+ ),
+);
+
+=head1 METHODS
+
+=head2 new
+
+Returns a new L<RT::Interface::Web::Scrubber::Permissive> object, configured
+with the above globals. Takes no arguments.
+
+=cut
+
+sub new {
+ my $class = shift;
+ my $self = $class->SUPER::new(@_);
+
+ $self->default( 1, \%ATTRIBUTES );
+ $self->deny(@DENIED_TAGS);
+ $self->rules(%RULES);
+
+ # Scrubbing comments is vital since IE conditional comments can contain
+ # arbitrary HTML and we'd pass it right on through.
+ $self->comment(0);
+
+ return $self;
+}
+
+RT::Base->_ImportOverlays();
+
+1;
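Review bot: The event-handler denylist built by `map { +( "on$_" => 0 ) }` is a fixed list of 18 names while `'*' => 1` admits every attribute not listed, so a handler attribute outside that list passes through the permissive scrubber unchanged, and HTML defines more handler attributes than are enumerated here. If the installed HTML::Scrubber accepts a code ref as the `'*'` attribute value, the wildcard could return undef for any attribute name matching `/\Aon/i` and 1 otherwise, which rejects by prefix rather than by enumeration; if it does not, the list should be completed and the comment above it should state that it is a denylist that must be kept current. `@DENIED_TAGS` and `%RULES` are declared at `our ( @DENIED_TAGS, %RULES );` but never populated in this file, so the POD claim "allows most things except scripts and comments" rests on `$self->comment(0)` plus whatever the parent `new` and HTML::Scrubber defaults establish — a comment on that line, `# Empty here; script handling is inherited from the parent scrubber, overlays may add entries`, would make that explicit. The comment `# Initally from PermissiveHTMLMail extension.` has a typo (`Initially`).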
diff --git a/lib/RT/ObjectCustomFieldValue.pm b/lib/RT/ObjectCustomFieldValue.pm
index 9c6ca7d3dc..1509b43560 100644
--- a/lib/RT/ObjectCustomFieldValue.pm
+++ b/lib/RT/ObjectCustomFieldValue.pm
@@ -806,6 +806,12 @@ sub ExternalStoreDigest {
return $self->_Value( 'LargeContent' );
}
+sub _ContentIsPermissive {
+ my $self = shift;
+ # All non-ticket related custom field values are considered permissive by default
+ return ( $self->CustomFieldObj->LookupType // '' ) =~ /RT::Ticket/ ? 0 : 1;
+}
+
RT::Base->_ImportOverlays();
1;
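Review bot: `_ContentIsPermissive` fails open: the `// ''` fallback reports a custom field with an undefined LookupType as permissive, and every lookup type other than one containing `RT::Ticket` is treated the same way, so the strict scrubber is the exception rather than the default. Returning 0 when the type is unknown keeps the safe behaviour in the undefined case: `my $type = $self->CustomFieldObj->LookupType;` `return 0 unless defined $type && length $type;` `return $type =~ /RT::Ticket/ ? 0 : 1;`; if the intent is that the remaining lookup types can only be set by privileged users, an explicit allowlist of those types would state that assumption in code. The method is called from Mason templates despite its leading underscore, so it needs either a public name or a POD `=head2` entry giving its contract (returns 1 when the value may be rendered with the permissive scrubber, 0 for ticket and transaction fields). The leading context lines belong to `ExternalStoreDigest`, which starts before the hunk.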
diff --git a/share/html/Elements/ScrubHTML b/share/html/Elements/ScrubHTML
index 119adc5f74..af7f594c06 100644
--- a/share/html/Elements/ScrubHTML
+++ b/share/html/Elements/ScrubHTML
@@ -46,8 +46,5 @@
%#
%# END BPS TAGGED BLOCK }}}
<%init>
-return ScrubHTML($Content);
+return ScrubHTML(%ARGS);
</%init>
-<%args>
-$Content => undef
-</%args>
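Review bot: Forwarding the whole of `%ARGS` with `return ScrubHTML(%ARGS);` and deleting the `<%args>` block removes the component's declared interface, so any key a caller happens to pass reaches `ScrubHTML`, and the default for `Permissive` is no longer readable at this call site. Restoring the declaration with `$Content => undef` and `$Permissive => 0` inside `<%args>`, and calling `return ScrubHTML(Content => $Content, Permissive => $Permissive);`, keeps the safe default visible in the template and stops unrelated arguments from being forwarded.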
diff --git a/share/html/Elements/ShowCustomFieldHTML b/share/html/Elements/ShowCustomFieldHTML
index 86e4bbfd95..11985dd755 100644
--- a/share/html/Elements/ShowCustomFieldHTML
+++ b/share/html/Elements/ShowCustomFieldHTML
@@ -48,7 +48,7 @@
<%$content|n%>
<%init>
my $content = $Object->LargeContent || $Object->Content;
-$content = $m->comp('/Elements/ScrubHTML', Content => $content);
+$content = $m->comp('/Elements/ScrubHTML', Content => $content, Permissive => $Object->_ContentIsPermissive);
</%init>
<%ARGS>
$Object
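Review bot: The `Permissive => $Object->_ContentIsPermissive` call here, and the identical ones in ShowCustomFieldText and ShowCustomFieldWikitext, invoke a method whose leading underscore marks it as private to RT::ObjectCustomFieldValue, so three templates now depend on an undocumented contract; either rename it (for example `ContentIsPermissive`) or document it as the supported hook. Because the strict/permissive decision is made at each render site rather than inside `ScrubHTML`, any other renderer of custom field HTML that omits the key silently gets the strict scrubber, which is the right direction but worth a one-line comment at each site, `# Permissive only for non-ticket custom fields; see _ContentIsPermissive`.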
diff --git a/share/html/Elements/ShowCustomFieldText b/share/html/Elements/ShowCustomFieldText
index d20b1d4d4e..88a63f82c6 100644
--- a/share/html/Elements/ShowCustomFieldText
+++ b/share/html/Elements/ShowCustomFieldText
@@ -47,7 +47,7 @@
%# END BPS TAGGED BLOCK }}}
<%init>
my $content = $Object->LargeContent || $Object->Content;
- $content = $m->comp('/Elements/ScrubHTML', Content => $content);
+ $content = $m->comp('/Elements/ScrubHTML', Content => $content, Permissive => $Object->_ContentIsPermissive);
$content =~ s|\n|<br />|g;
</%init>
<%$content|n%>
diff --git a/share/html/Elements/ShowCustomFieldWikitext b/share/html/Elements/ShowCustomFieldWikitext
index 0ef6c7c140..e59175643e 100644
--- a/share/html/Elements/ShowCustomFieldWikitext
+++ b/share/html/Elements/ShowCustomFieldWikitext
@@ -48,7 +48,7 @@
<%$wiki_content|n%>
<%init>
my $content = $Object->LargeContent || $Object->Content;
-$content = $m->comp('/Elements/ScrubHTML', Content => $content);
+$content = $m->comp('/Elements/ScrubHTML', Content => $content, Permissive => $Object->_ContentIsPermissive);
my $base = $Object->Object->WikiBase;
my %wiki_args = (
extended => 1,
-----------------------------------------------------------------------
Summary of changes:
lib/RT/Interface/Web.pm | 9 +-
.../Web/Scrubber/Permissive.pm} | 122 +++++++++------------
lib/RT/ObjectCustomFieldValue.pm | 6 +
share/html/Elements/ScrubHTML | 5 +-
share/html/Elements/ShowCustomFieldHTML | 2 +-
share/html/Elements/ShowCustomFieldText | 2 +-
share/html/Elements/ShowCustomFieldWikitext | 2 +-
7 files changed, 70 insertions(+), 78 deletions(-)
copy lib/RT/{Plugin.pm => Interface/Web/Scrubber/Permissive.pm} (56%)
hooks/post-receive
--
rt