]> git.joonet.de Git - adminer.git/commitdiff
projects / adminer.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cde9888)
Fix XSS in browsers which don't encode URL parameters (bug #775)
authorJakub Vrana <jakub@vrana.cz>
Sat, 6 Feb 2021 18:04:15 +0000 (19:04 +0100)
committerJakub Vrana <jakub@vrana.cz>
Sat, 6 Feb 2021 18:09:42 +0000 (19:09 +0100)
adminer/sql.inc.php patch | blob | history
changes.txt patch | blob | history

diff --git a/adminer/sql.inc.php b/adminer/sql.inc.php
index 69ba1779e83a327508c633bb2d8827b0c006cfbe..0192959ac52cf243bee4544837f3a3a94e29652d 100644 (file)
--- a/adminer/sql.inc.php
+++ b/adminer/sql.inc.php
@@ -222,7 +222,7 @@ if (!isset($_GET["import"])) {
        }
        echo "<p>";
        textarea("query", $q, 20);
-       echo script(($_POST ? "" : "qs('textarea').focus();\n") . "qs('#form').onsubmit = partial(sqlSubmit, qs('#form'), '" . remove_from_uri("sql|limit|error_stops|only_errors") . "');");
+       echo script(($_POST ? "" : "qs('textarea').focus();\n") . "qs('#form').onsubmit = partial(sqlSubmit, qs('#form'), '" . js_escape(remove_from_uri("sql|limit|error_stops|only_errors|history")) . "');");
        echo "<p>$execute\n";
        echo lang('Limit rows') . ": <input type='number' name='limit' class='size' value='" . h($_POST ? $_POST["limit"] : $_GET["limit"]) . "'>\n";
        
diff --git a/changes.txt b/changes.txt
index 5a9b02072900f516364a8fdde952fdbdfc2e23af..2757183c76e8850863c50fb1cefb0396a524840a 100644 (file)
--- a/changes.txt
+++ b/changes.txt
@@ -1,4 +1,5 @@
 Adminer 4.7.9-dev:
+Fix XSS in browsers which don't encode URL parameters (bug #775, regression from 4.7.0)
 Elasticsearch, ClickHouse: Do not print response if HTTP code is not 200
 Don't syntax highlight during IME composition (bug #747)
 MySQL: Do not export names in quotes with sql_mode='ANSI_QUOTES' (bug #749)
Sources of adminer, a webclient for database management systems.