
Minor security improvements #2 (#3041)
* Escape HTML and attributes before returning
* Remove deprecated vars
ozh committed Aug 31, 2021
1 parent 7e06aa1 commit 1d8e224
Showing 2 changed files with 11 additions and 4 deletions.
12 changes: 8 additions & 4 deletions includes/functions-shorturls.php
Expand Up @@ -301,8 +301,6 @@ function yourls_edit_link( $url, $keyword, $newkeyword='', $title='' ) {
$keyword = yourls_sanitize_keyword($keyword);
$title = yourls_sanitize_title($title);
$newkeyword = yourls_sanitize_keyword($newkeyword, true);
$strip_url = stripslashes( $url );
$strip_title = stripslashes( $title );

if(!$url OR !$newkeyword) {
$return['status'] = 'fail';
Expand Down Expand Up @@ -334,12 +332,18 @@ function yourls_edit_link( $url, $keyword, $newkeyword='', $title='' ) {
$binds = array('url' => $url, 'newkeyword' => $newkeyword, 'title' => $title, 'keyword' => $keyword);
$update_url = $ydb->fetchAffected($sql, $binds);
if( $update_url ) {
$return['url'] = array( 'keyword' => $newkeyword, 'shorturl' => yourls_link($newkeyword), 'url' => $strip_url, 'display_url' => yourls_trim_long_string( $strip_url ), 'title' => $strip_title, 'display_title' => yourls_trim_long_string( $strip_title ) );
$return['url'] = array( 'keyword' => $newkeyword,
'shorturl' => yourls_link($newkeyword),
'url' => yourls_esc_url($url),
'display_url' => yourls_esc_html(yourls_trim_long_string($url)),
'title' => yourls_esc_attr($title),
'display_title' => yourls_esc_html(yourls_trim_long_string( $title ))
);
$return['status'] = 'success';
$return['message'] = yourls__( 'Link updated in database' );
} else {
$return['status'] = 'fail';
$return['message'] = /* //translators: "Error updating http://someurl/ (Shorturl: http://sho.rt/blah)" */ yourls_s( 'Error updating %s (Short URL: %s)', yourls_trim_long_string( $strip_url ), $keyword ) ;
$return['message'] = /* //translators: "Error updating http://someurl/ (Shorturl: http://sho.rt/blah)" */ yourls_s( 'Error updating %s (Short URL: %s)', yourls_esc_html(yourls_trim_long_string($url)), $keyword ) ;
}

// Nope
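Review bot: The new `$return['url']` array in the second hunk returns values escaped for three different output contexts (`yourls_esc_url` for `url`, `yourls_esc_attr` for `title`, `yourls_esc_html` for the two `display_*` values) from a function that otherwise deals in raw data, so the contract is now implicit: a caller that escapes again will double-encode, and one that prints `title` outside an attribute receives an attribute-escaped string. The function's docblock, which sits above this hunk, should state it, for example `@return array 'url' and 'title' are pre-escaped (esc_url / esc_attr); 'display_url' and 'display_title' are truncated then HTML-escaped — do not escape again`. `shorturl` is the only entry in the array left as returned by `yourls_link($newkeyword)`; unless that helper escapes internally, it presumably deserves the same `yourls_esc_url` treatment as `url` for consistency. Trimming before escaping in the `display_*` values is the right order, since truncating an already-escaped string could cut an entity in half. yourls_edit_link() begins before the hunk and its body continues past it.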
3 changes: 3 additions & 0 deletions tests/tests/shorturl/shorturl.php
Expand Up @@ -40,6 +40,9 @@ public function test_add_url() {

$fail = yourls_add_new_link( $url, $keyword, $title );
$this->assertEquals( 'fail', $fail['status'] );

$fail = yourls_add_new_link( $url, rand_str(), rand_str() );
$this->assertEquals( 'fail', $fail['status'] );
$this->assertEquals( 'error:url', $fail['code'] );

$fail = yourls_add_new_link( 'http://' . rand_str(), $keyword, $title );
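Review bot: The added assertions check `$fail['code']` for a rejected URL in `yourls_add_new_link()`, but nothing in this hunk exercises the escaping this commit adds to `yourls_edit_link()`, so a regression in that escaping would go unnoticed. A test that edits an existing link whose title contains a `<` or `"` character and asserts that the returned `title` and `display_title` come back entity-encoded would pin the new behaviour; if the `$url` and `$keyword` fixtures defined above this hunk are reused, one extra `assertEquals` pair is enough. test_add_url() starts before the hunk and continues past it.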
