Bug #71698
closed
Link fields accept inline javascript code
Added by Oliver Hader about 9 years ago.
Updated about 6 years ago.
Description
javascript:alert(1) can be submitted for every link field and will be rendered in the frontend passed through typolink. To circumvent that, the URI scheme and prefix "javascript:" will be disallowed by default. The extension "javascript_handler" however allows bringing back that insecure behavior, since some installations might rely on it.
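The check the description calls for, shown as an added example and not as TYPO3 core or the "javascript_handler" extension's code: a scheme allowlist applied to a link field value before it reaches link rendering. The class and method names, the allowlist contents and the sample inputs are assumptions made for this illustration; a real installation would extend the allowlist with the internal schemes its link handlers use.

```php
<?php
declare(strict_types=1);

/**
 * Added example, not TYPO3 core code. Rejects link values whose URI scheme is
 * not on an allowlist, so "javascript:" never reaches the frontend renderer.
 */
final class LinkSchemeValidator
{
    /** Assumed allowlist; extend it with site-specific schemes as needed. */
    private const ALLOWED_SCHEMES = ['http', 'https', 'mailto', 'tel', 'ftp'];

    public static function isAllowed(string $uri): bool
    {
        // Browsers ignore ASCII control characters and whitespace while parsing
        // a scheme, so remove them before inspection; otherwise an allowlist
        // comparison on the raw string could be misled by a leading space.
        $normalised = preg_replace('/[\x00-\x20\x7F]+/', '', $uri);
        if ($normalised === null || $normalised === '') {
            return false;
        }
        // No scheme at all: a relative or scheme-relative link, which is fine.
        if (!preg_match('/^([a-z][a-z0-9+.\-]*):/i', $normalised, $match)) {
            return true;
        }
        // Scheme comparison is case-insensitive per RFC 3986.
        return in_array(strtolower($match[1]), self::ALLOWED_SCHEMES, true);
    }
}

// Constructed sample link-field values with the verdict the validator gives.
$samples = [
    'https://example.org/page'    => true,
    '/relative/path'              => true,
    'mailto:info@example.org'     => true,
    'javascript:alert(1)'         => false,
    'JavaScript:alert(1)'         => false,
    " \tjavascript:alert(1)"      => false,
    'data:text/plain,hello'       => false,
];
foreach ($samples as $uri => $expected) {
    $result = LinkSchemeValidator::isAllowed($uri);
    printf(
        "%-32s %s%s\n",
        json_encode($uri),
        $result ? 'allowed' : 'rejected',
        $result === $expected ? '' : '  <-- unexpected'
    );
}
```

The validator treats anything without a scheme as a relative link, which matches how link fields are normally used, and rejects unknown schemes rather than blocking only "javascript:"; an allowlist is the configuration a site can reason about, whereas a denylist has to be revisited every time a new scheme is found to execute script.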
Files
- File javascript_handler.zip added
- Status changed from New to Under Review
Patch set 1 for branch master of project Teams/Security/TYPO3v4-Core has been pushed to the review server.
It is available at https://review.typo3.org/44803
Patch set 2 for branch master of project Teams/Security/TYPO3v4-Core has been pushed to the review server.
It is available at https://review.typo3.org/44803
Patch set 1 for branch TYPO3_6-2 of project Teams/Security/TYPO3v4-Core has been pushed to the review server.
It is available at https://review.typo3.org/44804
Patch set 3 for branch master of project Teams/Security/TYPO3v4-Core has been pushed to the review server.
It is available at https://review.typo3.org/44803
Patch set 2 for branch TYPO3_6-2 of project Teams/Security/TYPO3v4-Core has been pushed to the review server.
It is available at https://review.typo3.org/44804
- Status changed from Under Review to Resolved
- Status changed from Resolved to Under Review
- Status changed from Under Review to Resolved
- Status changed from Resolved to Under Review
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
- Status changed from Resolved to Under Review
- Status changed from Under Review to Resolved
- File deleted (javascript_handler.zip)
- Project changed from 1716 to TYPO3 Core
- Category deleted (OW-A07: Cross Site Scripting)
- Is Regression set to No
- Status changed from Resolved to Closed