Fix XSS-Vulnerability in configuration page

Add HTML entity encoding to the SSID of networks that can be found
using the "Scan for wifi networks" function of the configuration
page.
This commit is contained in:
Max 2018-10-03 19:29:46 +02:00
parent 1707c73264
commit cea848dec4
1 changed files with 12 additions and 1 deletions


@ -789,6 +789,17 @@ void HandleWifiConfiguration()
HandleWifi(false); HandleWifi(false);
} }
String htmlEscape(String s)
{
s.replace("&", "&");
s.replace("<", "&lt;");
s.replace(">", "&gt;");
s.replace("\"", "&quot;");
s.replace("'", "&#x27;");
s.replace("/", "&#x2F;");
return s;
}
void HandleWifi(boolean scan) void HandleWifi(boolean scan)
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
@ -854,7 +865,7 @@ void HandleWifi(boolean scan)
String item = FPSTR(HTTP_LNK_ITEM); String item = FPSTR(HTTP_LNK_ITEM);
String rssiQ; String rssiQ;
rssiQ += quality; rssiQ += quality;
item.replace(F("{v}"), WiFi.SSID(indices[i])); item.replace(F("{v}"), htmlEscape(WiFi.SSID(indices[i])));
item.replace(F("{w}"), String(WiFi.channel(indices[i]))); item.replace(F("{w}"), String(WiFi.channel(indices[i])));
item.replace(F("{r}"), rssiQ); item.replace(F("{r}"), rssiQ);
uint8_t auth = WiFi.encryptionType(indices[i]); uint8_t auth = WiFi.encryptionType(indices[i]);
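Review bot: As shown in the first hunk, the first replacement in `htmlEscape`, `s.replace("&", "&");`, maps `&` to itself and so does nothing, which leaves an SSID like `&lt;b&gt;` rendered as markup-looking text instead of literally; it should read `s.replace("&", "&amp;");` and must stay first, as it is, so the entities produced by the later replacements are not double-encoded. If the raw source actually contains `&amp;` and this page lost it to entity decoding when rendered, that is a display artifact rather than a defect, but it is worth confirming against the committed file. The helper is applied only to the scan-list SSID in `HandleWifi`; any other place the configuration page echoes a network-supplied string (for example a saved SSID in a form field) is outside these hunks and should get the same treatment. `HandleWifi` begins in the first hunk but its body continues past the end of the second, so the remaining `{…}` substitutions were not visible for review.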