Issue #3310081 by mcdruid: javascript links in contrib broken since 7.92

merge-requests/3045/head
Juraj Nemec 2022-11-11 19:06:50 +01:00
parent 3c7c72fbcd
commit 9a82e007b0
No known key found for this signature in database
GPG Key ID: 01EC3E1EECB5B2CA
2 changed files with 22 additions and 1 deletions


@ -2608,7 +2608,14 @@ function l($text, $path, array $options = array()) {
$use_theme = FALSE;
}
}
$path = drupal_strip_dangerous_protocols((string) $path);
$path = (string) $path;
// For backwards compatibility, do not strip a couple of specific javascript
// paths that are harmless.
// @see https://www.drupal.org/project/drupal/issues/3310081
$skip_js_paths = array('javascript:void()', 'javascript:void();', 'javascript:void(0)', 'javascript:void(0);');
if (!in_array(strtolower($path), $skip_js_paths)) {
$path = drupal_strip_dangerous_protocols($path);
}
if ($use_theme) {
return theme('link', array('text' => $text, 'path' => $path, 'options' => $options));
}
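Review bot: The exemption check `in_array(strtolower($path), $skip_js_paths)` uses loose comparison, so it is an exact string match only because every value currently in the list is a non-numeric string. Passing the strict flag, `if (!in_array(strtolower($path), $skip_js_paths, TRUE)) {`, makes the bypass of drupal_strip_dangerous_protocols() exact by construction. The comment above it should also say that only a whole-path, case-insensitive match is exempt, for example `// Only an exact match of the whole path (ignoring case) is exempt; anything else is still stripped.`, so a later maintainer does not relax it to a prefix or substring test. l() begins and ends outside this hunk.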


@ -97,6 +97,20 @@ class CommonURLUnitTest extends DrupalWebTestCase {
$path = "javascript:alert('XSS')";
$link = l($text, $path, array('external' => TRUE));
$this->assertTrue(strpos($link, 'javascript:') === FALSE, 'Dangerous protocol javascript: was sanitized.');
// Verify that these harmless javascript paths are left intact for BC.
$special_case_js_paths = array(
'javascript:void()',
'javascript:void();',
'javascript:void(0)',
'javascript:void(0);',
'JavaScript:Void(0)'
);
foreach ($special_case_js_paths as $path) {
$text = $this->randomName();
$link = l($text, $path, array('external' => TRUE));
$this->assertTrue(strpos($link, $path) !== FALSE, format_string('Harmless @path was not sanitized.', array('@path' => $path)));
}
}
/*
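Review bot: The new loop proves only that the five listed paths survive; nothing tests that a path which merely begins with or contains an allowlisted value is still stripped. A negative case beside the existing `javascript:alert('XSS')` assertion would cover this: take an allowlisted value with extra content appended and assert `strpos($link, 'javascript:') === FALSE`. That would fail if l() were later changed from exact matching to prefix matching. As a style point, the multi-line array is missing the trailing comma after `'JavaScript:Void(0)'`. The test method begins outside the hunk.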