id summary reporter owner description type status priority milestone component version resolution keywords cc include_gantt dependencies due_assign due_close 283 upload でjavascriptが埋め込めるセキュリティ的脅威があった mn atsuko "該当コード lib/galaxy/tools/actions/upload.py {{{ def check_html( self, temp_name, chunk=None ): if chunk is None: temp = open(temp_name, ""U"") else: temp = chunk regexp1 = re.compile( ""]*HREF[^>]+>"", re.I ) regexp2 = re.compile( ""]*>"", re.I ) regexp3 = re.compile( ""]*>"", re.I ) regexp4 = re.compile( ""]*>"", re.I ) lineno = 0 for line in temp: lineno += 1 matches = regexp1.search( line ) or regexp2.search( line ) or regexp3.search( line ) or regexp4.search( line ) if matches: if chunk is None: temp.close() return True if lineno > 100: break if chunk is None: temp.close() return False }}} 変更案。 * regexp5 = re.compile( ""]*>"", re.I ) を追加。 * matches = regexp1.search( line ) or regexp2.search( line ) or regexp3.search( line ) or regexp4.search( line ) or regrexp5( line ) を追加。 {{{ def check_html( self, temp_name, chunk=None ): if chunk is None: temp = open(temp_name, ""U"") else: temp = chunk regexp1 = re.compile( ""]*HREF[^>]+>"", re.I ) regexp2 = re.compile( ""]*>"", re.I ) regexp3 = re.compile( ""]*>"", re.I ) regexp4 = re.compile( ""]*>"", re.I ) regexp5 = re.compile( ""]*>"", re.I ) lineno = 0 for line in temp: lineno += 1 matches = regexp1.search( line ) or regexp2.search( line ) or regexp3.search( line ) or regexp4.search( line ) or regrexp5( line ) if matches: if chunk is None: temp.close() return True if lineno > 100: break if chunk is None: temp.close() return False }}} " 不具合 assigned 備忘録 Problems Galaxy mn atsuko 0 YYYY/MM/DD YYYY/MM/DD