Fix potential Cross-site Scripting (XSS) exploits in demos #2817

Merged
merged 1 commit into from
Nov 25, 2021
17 changes: 13 additions & 4 deletions html/audiobridgetest.js
Expand Up @@ -178,7 +178,7 @@ $(document).ready(function() {
Janus.debug("Got a list of participants:", list);
for(var f in list) {
var id = list[f]["id"];
var display = list[f]["display"];
var display = escapeXmlTags(list[f]["display"]);
var setup = list[f]["setup"];
var muted = list[f]["muted"];
var spatial = list[f]["spatial_position"];
Expand Down Expand Up @@ -222,7 +222,7 @@ $(document).ready(function() {
Janus.debug("Got a list of participants:", list);
for(var f in list) {
var id = list[f]["id"];
var display = list[f]["display"];
var display = escapeXmlTags(list[f]["display"]);
var setup = list[f]["setup"];
var muted = list[f]["muted"];
var spatial = list[f]["spatial_position"];
Expand Down Expand Up @@ -267,7 +267,7 @@ $(document).ready(function() {
Janus.debug("Got a list of participants:", list);
for(var f in list) {
var id = list[f]["id"];
var display = list[f]["display"];
var display = escapeXmlTags(list[f]["display"]);
var setup = list[f]["setup"];
var muted = list[f]["muted"];
var spatial = list[f]["spatial_position"];
Expand Down Expand Up @@ -429,7 +429,7 @@ function registerUsername() {
return;
}
var register = { request: "join", room: myroom, display: username };
myusername = username;
myusername = escapeXmlTags(username);
// Check if we need to join using G.711 instead of (default) Opus
if(acodec === 'opus' || acodec === 'pcmu' || acodec === 'pcma')
register.codec = acodec;
Expand All @@ -448,3 +448,12 @@ function getQueryStringValue(name) {
results = regex.exec(location.search);
return results === null ? "" : decodeURIComponent(results[1].replace(/\+/g, " "));
}

// Helper to escape XML tags
function escapeXmlTags(value) {
if(value) {
var escapedValue = value.replace(new RegExp('<', 'g'), '&lt');
escapedValue = escapedValue.replace(new RegExp('>', 'g'), '&gt');
return escapedValue;
}
}
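Review bot: The `escapeXmlTags` helper added at the end of this file emits `&lt`/`&gt` without the terminating `;`, rewrites only `<` and `>`, and returns `undefined` rather than a string whenever `value` is empty or missing, so it is adequate for element text only and silently mis-handles the empty case (jQuery treats `.html(undefined)` as a getter, so a call such as `$('#title').html(escapeXmlTags(...))` in screensharingtest.js leaves whatever the element held before). Because `&`, `"` and `'` pass through, the same function cannot be reused for attribute values such as the `id='...'` built by string concatenation in recordplaytest.js and streamingtest.js, and a non-string value would throw on `.replace`. The identical helper is pasted into recordplaytest.js, screensharingtest.js, streamingtest.js, textroomtest.js, videocalltest.js, videoroomtest.js and vp9svctest.js; the rewrite below applies to all of them. If any call site already passes escaped text, the added `&` rewrite would double-encode it, which is worth checking per caller.
```javascript
// Helper to escape a value for safe insertion as HTML text or attribute content
function escapeXmlTags(value) {
	if(value === undefined || value === null)
		return "";
	return String(value)
		.replace(/&/g, '&amp;')
		.replace(/</g, '&lt;')
		.replace(/>/g, '&gt;')
		.replace(/"/g, '&quot;')
		.replace(/'/g, '&#39;');
}
```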
13 changes: 11 additions & 2 deletions html/recordplaytest.js
Expand Up @@ -423,11 +423,11 @@ function updateRecsList() {
Janus.debug("Got a list of available recordings:", list);
for(var mp in list) {
Janus.debug(" >> [" + list[mp]["id"] + "] " + list[mp]["name"] + " (" + list[mp]["date"] + ")");
$('#recslist').append("<li><a href='#' id='" + list[mp]["id"] + "'>" + list[mp]["name"] + " [" + list[mp]["date"] + "]" + "</a></li>");
$('#recslist').append("<li><a href='#' id='" + list[mp]["id"] + "'>" + escapeXmlTags(list[mp]["name"]) + " [" + list[mp]["date"] + "]" + "</a></li>");
}
$('#recslist a').unbind('click').click(function() {
selectedRecording = $(this).attr("id");
selectedRecordingInfo = $(this).text();
selectedRecordingInfo = escapeXmlTags($(this).text());
$('#recset').html($(this).html()).parent().removeClass('open');
$('#play').removeAttr('disabled').click(startPlayout);
return false;
Expand Down Expand Up @@ -545,3 +545,12 @@ function getQueryStringValue(name) {
results = regex.exec(location.search);
return results === null ? "" : decodeURIComponent(results[1].replace(/\+/g, " "));
}

// Helper to escape XML tags
function escapeXmlTags(value) {
if(value) {
var escapedValue = value.replace(new RegExp('<', 'g'), '&lt');
escapedValue = escapedValue.replace(new RegExp('>', 'g'), '&gt');
return escapedValue;
}
}
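Review bot: On the `$('#recslist').append(...)` line only `name` is escaped, while `list[mp]["id"]` and `list[mp]["date"]` are still concatenated raw into the markup, and `id` lands inside a single-quoted attribute where a `'` in the value terminates the attribute, which a `<`/`>`-only escape does not prevent. Whether those two fields can carry content chosen by someone other than the operator depends on where recordings come from, which this hunk does not show. Building the entry with jQuery instead of string concatenation escapes every field in its proper context: `var link = $('<a>').attr({ href: '#', id: list[mp]["id"] }).text(list[mp]["name"] + " [" + list[mp]["date"] + "]");` followed by `$('#recslist').append($('<li>').append(link));`. The `$('#streamslist').append(...)` line in streamingtest.js has the same shape, with `id` and `type` left unescaped.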
11 changes: 10 additions & 1 deletion html/screensharingtest.js
Expand Up @@ -161,7 +161,7 @@ $(document).ready(function() {
if(event === "joined") {
myid = msg["id"];
$('#session').html(room);
$('#title').html(msg["description"]);
$('#title').html(escapeXmlTags(msg["description"]));
Janus.log("Successfully joined room " + msg["room"] + " with ID " + myid);
if(role === "publisher") {
// This is our session, publish our stream
Expand Down Expand Up @@ -514,3 +514,12 @@ function newRemoteFeed(id, display) {
}
});
}

// Helper to escape XML tags
function escapeXmlTags(value) {
if(value) {
var escapedValue = value.replace(new RegExp('<', 'g'), '&lt');
escapedValue = escapedValue.replace(new RegExp('>', 'g'), '&gt');
return escapedValue;
}
}
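Review bot: `$('#title').html(escapeXmlTags(msg["description"]))` still writes through an HTML sink when a text sink does the whole job: `$('#title').text(msg["description"] || "");` escapes `&` and quotes as well as angle brackets and does not depend on the helper. With the helper as written, a missing or empty description yields `undefined`, and jQuery treats `.html(undefined)` as a getter, so whatever `#title` previously held would stay on screen; the `|| ""` in the replacement keeps the clear-on-empty behaviour. `$('#metadata').html(escapeXmlTags(result.info.metadata))` in streamingtest.js is the same case and can become `$('#metadata').text(result.info.metadata);`, since the surrounding `if` already guarantees a non-empty value.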
13 changes: 11 additions & 2 deletions html/streamingtest.js
Expand Up @@ -323,7 +323,7 @@ function updateStreamsList() {
Janus.debug(list);
for(var mp in list) {
Janus.debug(" >> [" + list[mp]["id"] + "] " + list[mp]["description"] + " (" + list[mp]["type"] + ")");
$('#streamslist').append("<li><a href='#' id='" + list[mp]["id"] + "'>" + list[mp]["description"] + " (" + list[mp]["type"] + ")" + "</a></li>");
$('#streamslist').append("<li><a href='#' id='" + list[mp]["id"] + "'>" + escapeXmlTags(list[mp]["description"]) + " (" + list[mp]["type"] + ")" + "</a></li>");
}
$('#streamslist a').unbind('click').click(function() {
selectedStream = $(this).attr("id");
Expand All @@ -345,7 +345,7 @@ function getStreamInfo() {
var body = { request: "info", id: parseInt(selectedStream) || selectedStream };
streaming.send({ message: body, success: function(result) {
if(result && result.info && result.info.metadata) {
$('#metadata').html(result.info.metadata);
$('#metadata').html(escapeXmlTags(result.info.metadata));
$('#info').removeClass('hide').show();
}
}});
Expand Down Expand Up @@ -394,6 +394,15 @@ function stopStream() {
simulcastStarted = false;
}

// Helper to escape XML tags
function escapeXmlTags(value) {
if(value) {
var escapedValue = value.replace(new RegExp('<', 'g'), '&lt');
escapedValue = escapedValue.replace(new RegExp('>', 'g'), '&gt');
return escapedValue;
}
}

// Helpers to create Simulcast-related UI, if enabled
function addSimulcastButtons() {
$('#curres').parent().append(
23 changes: 14 additions & 9 deletions html/textroomtest.js
Expand Up @@ -153,9 +153,7 @@ $(document).ready(function() {
var what = json["textroom"];
if(what === "message") {
// Incoming message: public or private?
var msg = json["text"];
msg = msg.replace(new RegExp('<', 'g'), '&lt');
msg = msg.replace(new RegExp('>', 'g'), '&gt');
var msg = escapeXmlTags(json["text"]);
var from = json["from"];
var dateString = getDateString(json["date"]);
var whisper = json["whisper"];
Expand All @@ -170,17 +168,15 @@ $(document).ready(function() {
}
} else if(what === "announcement") {
// Room announcement
var msg = json["text"];
msg = msg.replace(new RegExp('<', 'g'), '&lt');
msg = msg.replace(new RegExp('>', 'g'), '&gt');
var msg = escapeXmlTags(json["text"]);
var dateString = getDateString(json["date"]);
$('#chatroom').append('<p style="color: purple;">[' + dateString + '] <i>' + msg + '</i>');
$('#chatroom').get(0).scrollTop = $('#chatroom').get(0).scrollHeight;
} else if(what === "join") {
// Somebody joined
var username = json["username"];
var display = json["display"];
participants[username] = display ? display : username;
participants[username] = escapeXmlTags(display ? display : username);
if(username !== myid && $('#rp' + username).length === 0) {
// Add to the participants list
$('#list').append('<li id="rp' + username + '" class="list-group-item">' + participants[username] + '</li>');
Expand Down Expand Up @@ -282,7 +278,7 @@ function registerUsername() {
username: myid,
display: username
};
myusername = username;
myusername = escapeXmlTags(username);
transactions[transaction] = function(response) {
if(response["textroom"] === "error") {
// Something went wrong
Expand Down Expand Up @@ -312,7 +308,7 @@ function registerUsername() {
if(response.participants && response.participants.length > 0) {
for(var i in response.participants) {
var p = response.participants[i];
participants[p.username] = p.display ? p.display : p.username;
participants[p.username] = escapeXmlTags(p.display ? p.display : p.username);
if(p.username !== myid && $('#rp' + p.username).length === 0) {
// Add to the participants list
$('#list').append('<li id="rp' + p.username + '" class="list-group-item">' + participants[p.username] + '</li>');
Expand Down Expand Up @@ -418,3 +414,12 @@ function getQueryStringValue(name) {
results = regex.exec(location.search);
return results === null ? "" : decodeURIComponent(results[1].replace(/\+/g, " "));
}

// Helper to escape XML tags
function escapeXmlTags(value) {
if(value) {
var escapedValue = value.replace(new RegExp('<', 'g'), '&lt');
escapedValue = escapedValue.replace(new RegExp('>', 'g'), '&gt');
return escapedValue;
}
}
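Review bot: The escaping is applied when values are stored (`participants[username] = escapeXmlTags(...)` in the join handler and in the participants loop, `myusername = escapeXmlTags(username)` in registerUsername) rather than where they are written into markup, so state now holds HTML-encoded names while the registration request a few lines earlier sends the raw `display: username`; any later use of `myusername` or `participants[...]` outside a DOM sink, such as a comparison against a server-supplied name or a log line, will see the encoded form. The `$('#list').append('<li id="rp' + username + '" ...` lines also still place the raw `username` inside a double-quoted attribute, where a `"` would break out and `<`/`>` escaping is irrelevant; whether usernames can be chosen by the client cannot be seen from the hunk. Keeping raw values in state and calling `escapeXmlTags` (or using `.text()`) at the `append` is the more robust shape, and the same store-time escaping appears in audiobridgetest.js, videocalltest.js, videoroomtest.js and vp9svctest.js. Both registerUsername hunks show only part of that function.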
15 changes: 12 additions & 3 deletions html/videocalltest.js
Expand Up @@ -148,7 +148,7 @@ $(document).ready(function() {
} else if(result["event"]) {
var event = result["event"];
if(event === 'registered') {
myusername = result["username"];
myusername = escapeXmlTags(result["username"]);
Janus.log("Successfully registered as " + myusername + "!");
$('#youok').removeClass('hide').show().html("Registered as '" + myusername + "'");
// Get a list of available peers, just for fun
Expand All @@ -163,7 +163,7 @@ $(document).ready(function() {
bootbox.alert("Waiting for the peer to answer...");
} else if(event === 'incomingcall') {
Janus.log("Incoming call from " + result["username"] + "!");
yourusername = result["username"];
yourusername = escapeXmlTags(result["username"]);
// Notify user
bootbox.hideAll();
incoming = bootbox.dialog({
Expand Down Expand Up @@ -213,7 +213,7 @@ $(document).ready(function() {
});
} else if(event === 'accepted') {
bootbox.hideAll();
var peer = result["username"];
var peer = escapeXmlTags(result["username"]);
if(!peer) {
Janus.log("Call started!");
} else {
Expand Down Expand Up @@ -598,6 +598,15 @@ function getQueryStringValue(name) {
return results === null ? "" : decodeURIComponent(results[1].replace(/\+/g, " "));
}

// Helper to escape XML tags
function escapeXmlTags(value) {
if(value) {
var escapedValue = value.replace(new RegExp('<', 'g'), '&lt');
escapedValue = escapedValue.replace(new RegExp('>', 'g'), '&gt');
return escapedValue;
}
}

// Helpers to create Simulcast-related UI, if enabled
function addSimulcastButtons(temporal) {
$('#curres').parent().append(
13 changes: 11 additions & 2 deletions html/videoroomtest.js
Expand Up @@ -400,7 +400,7 @@ function registerUsername() {
ptype: "publisher",
display: username
};
myusername = username;
myusername = escapeXmlTags(username);
sfutest.send({ message: register });
}
}
Expand Down Expand Up @@ -530,7 +530,7 @@ function newRemoteFeed(id, display, audio, video) {
}
}
remoteFeed.rfid = msg["id"];
remoteFeed.rfdisplay = msg["display"];
remoteFeed.rfdisplay = escapeXmlTags(msg["display"]);
if(!remoteFeed.spinner) {
var target = document.getElementById('videoremote'+remoteFeed.rfindex);
remoteFeed.spinner = new Spinner({top:100}).spin(target);
Expand Down Expand Up @@ -685,6 +685,15 @@ function getQueryStringValue(name) {
return results === null ? "" : decodeURIComponent(results[1].replace(/\+/g, " "));
}

// Helper to escape XML tags
function escapeXmlTags(value) {
if(value) {
var escapedValue = value.replace(new RegExp('<', 'g'), '&lt');
escapedValue = escapedValue.replace(new RegExp('>', 'g'), '&gt');
return escapedValue;
}
}

// Helpers to create Simulcast-related UI, if enabled
function addSimulcastButtons(feed, temporal) {
var index = feed;
13 changes: 11 additions & 2 deletions html/vp9svctest.js
Expand Up @@ -387,7 +387,7 @@ function registerUsername() {
ptype: "publisher",
display: username
};
myusername = username;
myusername = escapeXmlTags(username);
sfutest.send({ message: register });
}
}
Expand Down Expand Up @@ -486,7 +486,7 @@ function newRemoteFeed(id, display, audio, video) {
}
}
remoteFeed.rfid = msg["id"];
remoteFeed.rfdisplay = msg["display"];
remoteFeed.rfdisplay = escapeXmlTags(msg["display"]);
if(!remoteFeed.spinner) {
var target = document.getElementById('videoremote'+remoteFeed.rfindex);
remoteFeed.spinner = new Spinner({top:100}).spin(target);
Expand Down Expand Up @@ -630,6 +630,15 @@ function newRemoteFeed(id, display, audio, video) {
});
}

// Helper to escape XML tags
function escapeXmlTags(value) {
if(value) {
var escapedValue = value.replace(new RegExp('<', 'g'), '&lt');
escapedValue = escapedValue.replace(new RegExp('>', 'g'), '&gt');
return escapedValue;
}
}

// Helpers to create SVC-related UI for a new viewer
function addSvcButtons(feed) {
var index = feed;