revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-22 14:52:41 +01:00
Code Issues Releases Wiki Activity
No description
16476 commits 3 branches 7 tags 153 MiB
PHP 93.5%
JavaScript 4.1%
CSS 2.4%
Find a file
epriestley 54bcbdaba9 Fix an XSS issue with certain high-priority remarkup rules embedded inside lower-priority link rules 
Summary:
See <https://hackerone.com/reports/758002>. The link rules don't test that their parameters are flat text before using them in unsafe contexts.

Since almost all rules are lower-priority than these link rules, this behavior isn't obvious. However, two rules have broadly higher priority (monospaced text, and one variation of link rules has higher priority than the other), and the latter can be used to perform an XSS attack with input in the general form `()[ [[ ... | ... ]] ]` so that the inner link rule is evaluated first, then the outer link rule uses non-flat text in an unsafe way.

Test Plan:
Tested examples in HackerOne report. A simple example of broken (but not unsafe) behavior is:

```
[[ `x` | `y` ]]
```

Differential Revision: https://secure.phabricator.com/D20937
2019-12-13 10:37:50 -08:00
bin Remove the "ssh-auth-key" script 2019-10-28 17:52:37 -07:00
conf Remove an old digest in Celerity code and some obsolete configuration options 2019-01-04 13:43:38 -08:00
externals Remove WePay support from Phortune, and Restful/Httpful dependencies 2019-05-14 09:14:53 -07:00
resources Give "PhabricatorUserEmail" a PHID 2019-11-19 09:41:29 -08:00
scripts Don't use "phutil_hashes_are_identical()" to compare public keys 2019-10-28 18:34:30 -07:00
src Fix an XSS issue with certain high-priority remarkup rules embedded inside lower-priority link rules 2019-12-13 10:37:50 -08:00
support Make it easier to parse "X-Forwarded-For" with one or more load balancers 2019-09-05 04:30:13 -07:00
webroot Remove "stronger/weaker" policy color hints from object headers 2019-11-18 22:05:26 -08:00
.arcconfig Set "history.immutable" to "false" explicitly in .arcconfig 2016-08-03 08:12:49 -07:00
.arclint Move web application classes into "phabricator/" 2019-09-02 07:58:59 -07:00
.arcunit Use the configuration driven unit test engine 2015-08-11 07:57:11 +10:00
.editorconfig Fix text lint issues 2015-02-12 07:00:13 +11:00
.gitignore Make i18n string extraction faster and more flexible 2016-07-04 10:23:30 -07:00
LICENSE Fix text lint issues 2015-02-12 07:00:13 +11:00
NOTICE Update Phabricator NOTICE file to reflect modern legal circumstances 2014-06-25 13:42:13 -07:00
README.md Remove push to IRC from "readme.md" too 2015-10-24 18:39:16 -07:00

README.md

Phabricator is a collection of web applications which help software companies build better software.

Phabricator includes applications for:

  • reviewing and auditing source code;
  • hosting and browsing repositories;
  • tracking bugs;
  • managing projects;
  • conversing with team members;
  • assembling a party to venture forth;
  • writing stuff down and reading it later;
  • hiding stuff from coworkers; and
  • also some other things.

You can learn more about the project (and find links to documentation and resources) at Phabricator.org

Phabricator is developed and maintained by Phacility.

SUPPORT RESOURCES

For resources on filing bugs, requesting features, reporting security issues, and getting other kinds of support, see Support Resources.

NO PULL REQUESTS!

We do not accept pull requests through GitHub. If you would like to contribute code, please read our Contributor's Guide.

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.