author | Frédéric Buclin <LpSolit@gmail.com> | 2012-01-10 00:53:33 +0100 |
---|---|---|
committer | Frédéric Buclin <LpSolit@gmail.com> | 2012-01-10 00:53:33 +0100 |
commit | 74f713457a1d50b39a564cb0a647b2d937473e24 (patch) | |
tree | 0b74455a85edf0dcd2c6a8148371813f9a5d9c8c /template/en | |
parent | ed87a68c9fa5c099c79f45bb6f3ab95e42f14002 (diff) | |
Bug 716283: Clickjacking in the attachment "Details" page allows to bypass token checks
r=dkl a=LpSolit
Diffstat (limited to 'template/en')
-rw-r--r-- | template/en/default/attachment/edit.html.tmpl | 10 | ||||
-rw-r--r-- | template/en/default/global/textarea.html.tmpl | 3 |
2 files changed, 13 insertions, 0 deletions
diff --git a/template/en/default/attachment/edit.html.tmpl b/template/en/default/attachment/edit.html.tmpl
index fbe3a9c79..95ad4d335 100644
--- a/template/en/default/attachment/edit.html.tmpl
+++ b/template/en/default/attachment/edit.html.tmpl
@@ -197,6 +197,16 @@
 [% END %]
 </a>
 </p>
+ [% ELSIF attachment.contenttype == "text/html" %]
+ [%# For security reasons (clickjacking, embedded scripts), we never
+ # render HTML pages from here. The source code is displayed instead. %]
+ [% INCLUDE global/textarea.html.tmpl
+ id = 'viewFrame'
+ minrows = 10
+ cols = 80
+ defaultcontent = attachment.data
+ readonly = 'readonly'
+ %]
 [% ELSE %]
 <iframe id="viewFrame" src="attachment.cgi?id=[% attachment.id %]">
 <b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
diff --git a/template/en/default/global/textarea.html.tmpl b/template/en/default/global/textarea.html.tmpl
index c158615bd..ac7ab04ec 100644
--- a/template/en/default/global/textarea.html.tmpl
+++ b/template/en/default/global/textarea.html.tmpl
@@ -21,6 +21,8 @@
 # style: (optional) The "style"-attribute of the textarea.
 # classes: (optional) The "class"-attribute of the textarea.
 # wrap: (deprecated; optional) The "wrap"-attribute of the textarea.
+ # disabled: (optional) Disable the textarea.
+ # readonly: (optional) Prevent the textarea from being edited.
 # minrows: (required) Number of rows the textarea shall have initially
 # and when not having focus.
 # maxrows: (optional) Number of rows the textarea shall have if
@@ -42,6 +44,7 @@
 [% IF classes %] class="[% classes FILTER html %]"[% END %]
 [% IF wrap %] wrap="[% wrap FILTER html %]"[% END %]
 [% IF disabled %] disabled="disabled"[% END %]
+ [% IF readonly %] readonly="readonly"[% END %]
 [% IF defaultrows && user.settings.zoom_textareas.value == 'off' %]
 rows="[% defaultrows FILTER html %]"
 [% ELSE %]
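Review bot: The new `text/html` branch in edit.html.tmpl is only as safe as the escaping inside global/textarea.html.tmpl, which this diff does not show: `defaultcontent = attachment.data` must be emitted through `FILTER html` there, otherwise a `</textarea>` sequence in the attachment body would close the control and the remainder of the data would be parsed as markup, undoing the purpose of the change. That dependency is worth confirming and stating in the new comment, e.g. `# The source is shown in a textarea; textarea.html.tmpl must HTML-escape defaultcontent.` The condition is also an exact match on `attachment.contenttype`, so other browser-renderable types (application/xhtml+xml, image/svg+xml) and a value that carries a charset parameter still fall through to the iframe in the ELSE branch; a case-insensitive match against a short list of renderable types would close that gap. The enclosing [% IF %] chain starts before this hunk.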