Properly sanitize JSON data to fix XSS on Issue details page.

author: Fatih Acet <acetfatih@gmail.com> 2018-08-23 22:53:35 +0200
committer: André Luís <aluis@gitlab.com> 2018-09-11 13:30:36 +0100
commit: 6d360c210d3d822fc266eecc04753481ae4bda70 (patch)
tree: 2884f5d800cd8f26020bcf0913aa78c11bc3a61d /app/assets/javascripts/issue_show
parent: c56f2b96159afaf6f1e0831d0e7a756a40568cab (diff)
download: gitlab-ce-6d360c210d3d822fc266eecc04753481ae4bda70.tar.gz
1 files changed, 4 insertions, 3 deletions
diff --git a/app/assets/javascripts/issue_show/index.js b/app/assets/javascripts/issue_show/index.js
index 75dfdedcf1b..d08e8ba0c4b 100644
--- a/app/assets/javascripts/issue_show/index.js
+++ b/app/assets/javascripts/issue_show/index.js
@@ -1,10 +1,11 @@
 import Vue from 'vue';
+import sanitize from 'sanitize-html';
 import issuableApp from './components/app.vue';
 import '../vue_shared/vue_resource_interceptor';
 
-document.addEventListener('DOMContentLoaded', () => {
+export default function initIssueableApp() {
   const initialDataEl = document.getElementById('js-issuable-app-initial-data');
-  const props = JSON.parse(initialDataEl.innerHTML.replace(/&quot;/g, '"'));
+  const props = JSON.parse(sanitize(initialDataEl.textContent).replace(/&quot;/g, '"'));
 
   return new Vue({
     el: document.getElementById('js-issuable-app'),
@@ -17,4 +18,4 @@ document.addEventListener('DOMContentLoaded', () => {
       });
     },
   });
-});
+}
author	Fatih Acet <acetfatih@gmail.com>	2018-08-23 22:53:35 +0200
committer	André Luís <aluis@gitlab.com>	2018-09-11 13:30:36 +0100
commit	6d360c210d3d822fc266eecc04753481ae4bda70 (patch)
tree	2884f5d800cd8f26020bcf0913aa78c11bc3a61d /app/assets/javascripts/issue_show
parent	c56f2b96159afaf6f1e0831d0e7a756a40568cab (diff)
download	gitlab-ce-6d360c210d3d822fc266eecc04753481ae4bda70.tar.gz