[freebase-suggest commit] r104 - trunk/src


codesite...@google.com

Sep 8, 2008, 6:47:33 PM9/8/08
to freebase...@googlegroups.com
Author: daepark
Date: Mon Sep 8 15:46:34 2008
New Revision: 104

Modified:
trunk/src/core.js
trunk/src/suggest.js

Log:
CLI-5405: Security issue: autocomplete evaluates topic names that contain script
tags.
Use $.text() instead of $.append() for topic-derived strings: appending an HTML
string lets jQuery evaluate any embedded <script> tags.

Modified: trunk/src/core.js
==============================================================================
--- trunk/src/core.js (original)
+++ trunk/src/core.js Mon Sep 8 15:46:34 2008
@@ -1,5 +1,4 @@
/**
- * !!! NOTICE: This requires jQuery rev 3578 or higher !!!
*
* Version @VERSION
*/

Modified: trunk/src/suggest.js
==============================================================================
--- trunk/src/suggest.js (original)
+++ trunk/src/suggest.js Mon Sep 8 15:46:34 2008
@@ -108,7 +108,7 @@
* @type jQuery
*/
$.fn.freebaseSuggest = function(action, options) {
- if ((typeof action == "undefined" || typeof action == 'object') &&
options == null) {
+ if (typeof action == 'object' && options == null) {
// Only passed options so assume activation
options = action;
action = "activate";
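Review bot: `typeof action == 'object'` is also true for `null`, so `freebaseSuggest(null)` still takes the activation path with `options = null`, while a bare `freebaseSuggest()` no longer does, since the removed `"undefined"` test was what covered that call. If dropping no-argument activation is intended, a comment such as `// activation requires an explicit options object; a bare call is no longer treated as activate` would stop the next reader from restoring it; if not, `if ((action == null || typeof action == 'object') && options == null) {` keeps the old entry point in one condition. The function's body continues past the end of the hunk.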
@@ -383,12 +383,14 @@
'</div>');
}

- $("#fbs_flyout .fbs-flyout-name").empty().append('<a href="' +
this.freebase_url(li.fb_data.id, options) + '">' + $(".fbs-li-name",
li).text() + '</a>');
+ $a = $('<a href="' + this.freebase_url(li.fb_data.id, options)
+ '"/>');
+ $a.text($(".fbs-li-name", li).text());
+ $("#fbs_flyout .fbs-flyout-name").empty().append($a);
$("#fbs_flyout .fbs-flyout-image").empty();
if (img_src != "#")
$("#fbs_flyout .fbs-flyout-image").append('<img src="' + img_src
+ '"/>');
- $("#fbs_flyout .fbs-flyout-types").empty().append($(".fbs-li-types",
li).text());
-
$("#fbs_flyout .fbs-flyout-domains").empty().append($(".fbs-li-domains",
li).text());
+ $("#fbs_flyout .fbs-flyout-types").text($(".fbs-li-types", li).text());
+ $("#fbs_flyout .fbs-flyout-domains").text($(".fbs-li-domains",
li).text());
$("#fbs_flyout .fbs-flyout-blurb").empty().append(blurb);
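Review bot: `$a` on the first added line is assigned without `var`, so it leaks as a global, and the href is still built by string concatenation, so a `"` that `freebase_url` lets through from `li.fb_data.id` would close the attribute — only the link text is now inserted safely. Building the element through the DOM API closes both gaps: `var $a = $('<a/>').attr('href', this.freebase_url(li.fb_data.id, options));`. The unchanged `<img src="...">` line has the same shape with `img_src` and could become `$('<img/>').attr('src', img_src)`. `blurb` is still handed to `.append()` as-is; it is assembled outside this hunk, so whether it can carry markup from topic data should be checked there.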

var pos = $(this.get_list()).offset();
@@ -429,10 +431,21 @@
this.options = options;
var me = this;
$.each(["article", "image"], function(i,n) {
- var id = li.fb_data[n];
- if (id && typeof id == 'object')
- id = id.id;
- me["load_" + n](id);
+ var item = li.fb_data[n];
+ //If item is an object then extract data from it,
+ // else treat the item as an id string.
+ if (item && typeof item == 'object') {
+ if ('value' in item) {
+ // If we have a value then use this
+ // as the data
+ me.receive(n, item.value);
+ } else {
+ // Otherwise load the data from the id
+ me["load_" + n](item.id);
+ }
+ } else {
+ me["load_" + n](item);
+ }
});

};
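Review bot: The new `'value' in item` branch passes `item.value` straight to `me.receive(n, ...)`, and since this commit exists because topic data can carry `<script>` tags, `receive` (not in the hunk) should be confirmed to insert that value with `.text()` rather than `.append()`/`.html()` before inline article/image data is trusted. A one-line note at the call, `// inline data from fb_data: receive() must treat this as text, not markup`, would record that expectation. Separately, an object with neither `value` nor `id` reaches `me["load_" + n](undefined)`; an explicit `else if (item.id)` guard would skip it instead of issuing a load for an undefined id. The enclosing function begins before the hunk.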
