
Commit 83623c6

fixed an xss issue in client-side scripting
1 parent dbed04e commit 83623c6


2 files changed

+20
-32
lines changed


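--- a/AjaxPro/Utilities/Constant.cs
+++ b/AjaxPro/Utilities/Constant.cs
@@ -52,6 +52,6 @@ public sealed class Constant
 /// <summary>
 /// The assembly version.
 /// </summary>
-public const string AssemblyVersion = "21.12.8.1";
+public const string AssemblyVersion = "21.12.21.1";
 }
 }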

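--- a/AjaxPro/core.js
+++ b/AjaxPro/core.js
@@ -174,29 +174,36 @@ Object.extend(AjaxPro, {
 queue: null,
 noUtcTime: false,
 regExDate: function (str, p1, p2, offset, s) {
-str = str.substring(1).replace('"', '');
-var date = str;
-
-if (str.substring(0, 7) == "\\\/Date(") {
-str = str.match(/Date\((.*?)\)/)[1];
-date = "new Date(" + parseInt(str) + ")";
+var date = str.substring(1).replace('"', '');
+if (date.substring(0, 7) == "\\\/Date(") {
+var d = date.match(/Date\((.*?)\)/)[1];
+return "new Date(" + parseInt(d) + ")";
 }
 else { // ISO Date 2007-12-31T23:59:59Z
-var matches = str.split(/[-,:,T,Z]/);
-matches[1] = (parseInt(matches[1], 0) - 1).toString();
-date = "new Date(Date.UTC(" + matches.join(",") + "))";
+var matches = date.split(/[-,:,T,Z]/);
+if (matches.length == 7) {
+matches[1] = (parseInt(matches[1], 0) - 1).toString();
+var isDate = true;
+for (var i = 0; i < matches.length; i++) {
+if (isNaN(parseInt(matches[i], 10))) {
+isDate = false;
+break;
+}
+}
+if (isDate) {
+return "new Date(Date.UTC(" + matches.join(",") + "))";
+}
+}
 }
-return date;
+return str;
 },
 parse: function (text) {
 // not yet possible as we still return new type() JSON
 // if (!(!(/[^,:{}\[\]0-9.\-+Eaeflnr-u \n\r\t]/.test(
 // text.replace(/"(\\.|[^"\\])*"/g, ''))) ))
 // throw new Error("Invalid characters in JSON parse string.");
-
 var regEx = /(\"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}.*?\")|(\"\\\/Date\(.*?\)\\\/")/g;
 text = text.replace(regEx, this.regExDate);
-
 return eval('(' + text + ')');
 },
 m: {
@@ -239,25 +246,6 @@ Object.extend(AjaxPro, {
 }
 return "[" + v.join(",") + "]";
 } else if (c == Date) {
-// var d = {};
-// d.__type = "System.DateTime";
-// if(AjaxPro.noUtcTime == true) {
-// d.Year = o.getFullYear();
-// d.Month = o.getMonth() +1;
-// d.Day = o.getDate();
-// d.Hour = o.getHours();
-// d.Minute = o.getMinutes();
-// d.Second = o.getSeconds();
-// d.Millisecond = o.getMilliseconds();
-// } else {
-// d.Year = o.getUTCFullYear();
-// d.Month = o.getUTCMonth() +1;
-// d.Day = o.getUTCDate();
-// d.Hour = o.getUTCHours();
-// d.Minute = o.getUTCMinutes();
-// d.Second = o.getUTCSeconds();
-// d.Millisecond = o.getUTCMilliseconds();
-// }
 return AjaxPro.toJSON("/Date(" + new Date(Date.UTC(o.getUTCFullYear(), o.getUTCMonth(), o.getUTCDate(), o.getUTCHours(), o.getUTCMinutes(), o.getUTCSeconds(), o.getUTCMilliseconds())).getTime() + ")/");
 }
 if (typeof o.toJSON == "function") {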
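Review bot: The `isDate` guard in regExDate only verifies that each split component starts with digits, because `parseInt(matches[i], 10)` returns a number for input such as `59abc` and yields NaN only when no leading digit exists, so the rest of the component is still joined verbatim into the `new Date(Date.UTC(...))` text that `parse` passes to `eval` a few lines below. A whole-token test is what this whitelist needs: `if (!/^\d+$/.test(matches[i])) { isDate = false; break; }`. Note also that a `Z`-terminated value like the `2007-12-31T23:59:59Z` in the branch comment splits on `/[-,:,T,Z]/` into seven elements whose last is the empty string, which fails the same NaN check, so it looks like no ISO value reaches the conversion branch after this change — worth confirming with a fixture. The carried-over `parseInt(matches[1], 0)` should also use radix 10 like the loop. regExDate ends inside the hunk; the enclosing `Object.extend(AjaxPro, {...})` literal starts and ends outside it.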
