


Solly Ross 5b78c230f9 Merge pull request #804 from nbibler/backport-619
Backport #619 into stable/v0.6
2017-04-12 11:43:12 -04:00
Nathaniel Bibler 4389e1fa07
Backport #619 into stable/v0.6 2017-03-31 15:16:40 -04:00
Solly Ross e8986fa069 Release v0.6.2
Fixes an XSS vulnerability in the noVNC status display which could allow
remote VNC servers to inject arbitrary HTML into the noVNC display page.
2017-01-12 14:36:42 -05:00
Solly Ross 15ce2f71eb Use textContent instead of innerHTML
Previously, setting `innerHTML` was used to display the statuses.  These
could include content communicated from the remote VNC server, allowing
the remote VNC server to inject HTML into the noVNC page.

This commit switches all uses of `innerHTML` to use `textContent`, which
is not vulnerable to the HTML injection.
2017-01-12 11:58:22 -05:00
13 changed files with 28 additions and 30 deletions


@ -1 +1 @@
0.6.1
0.6.2


@ -338,14 +338,13 @@ var Keyboard, Mouse;
Util.addEvent(window, 'touchend', this._eventHandlers.mouseup);
Util.addEvent(c, 'touchend', this._eventHandlers.mouseup);
Util.addEvent(c, 'touchmove', this._eventHandlers.mousemove);
} else {
Util.addEvent(c, 'mousedown', this._eventHandlers.mousedown);
Util.addEvent(window, 'mouseup', this._eventHandlers.mouseup);
Util.addEvent(c, 'mouseup', this._eventHandlers.mouseup);
Util.addEvent(c, 'mousemove', this._eventHandlers.mousemove);
Util.addEvent(c, (Util.Engine.gecko) ? 'DOMMouseScroll' : 'mousewheel',
this._eventHandlers.mousewheel);
}
Util.addEvent(c, 'mousedown', this._eventHandlers.mousedown);
Util.addEvent(window, 'mouseup', this._eventHandlers.mouseup);
Util.addEvent(c, 'mouseup', this._eventHandlers.mouseup);
Util.addEvent(c, 'mousemove', this._eventHandlers.mousemove);
Util.addEvent(c, (Util.Engine.gecko) ? 'DOMMouseScroll' : 'mousewheel',
this._eventHandlers.mousewheel);
/* Work around right and middle click browser behaviors */
Util.addEvent(document, 'click', this._eventHandlers.mousedisable);
@ -360,14 +359,13 @@ var Keyboard, Mouse;
Util.removeEvent(window, 'touchend', this._eventHandlers.mouseup);
Util.removeEvent(c, 'touchend', this._eventHandlers.mouseup);
Util.removeEvent(c, 'touchmove', this._eventHandlers.mousemove);
} else {
Util.removeEvent(c, 'mousedown', this._eventHandlers.mousedown);
Util.removeEvent(window, 'mouseup', this._eventHandlers.mouseup);
Util.removeEvent(c, 'mouseup', this._eventHandlers.mouseup);
Util.removeEvent(c, 'mousemove', this._eventHandlers.mousemove);
Util.removeEvent(c, (Util.Engine.gecko) ? 'DOMMouseScroll' : 'mousewheel',
this._eventHandlers.mousewheel);
}
Util.removeEvent(c, 'mousedown', this._eventHandlers.mousedown);
Util.removeEvent(window, 'mouseup', this._eventHandlers.mouseup);
Util.removeEvent(c, 'mouseup', this._eventHandlers.mouseup);
Util.removeEvent(c, 'mousemove', this._eventHandlers.mousemove);
Util.removeEvent(c, (Util.Engine.gecko) ? 'DOMMouseScroll' : 'mousewheel',
this._eventHandlers.mousewheel);
/* Work around right and middle click browser behaviors */
Util.removeEvent(document, 'click', this._eventHandlers.mousedisable);
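Review bot: Dropping the `else` means the mouse listeners at the end of this hunk are now attached even on the touch path whose `if` branch begins above the hunk, in both the grab (@ -338) and ungrab (@ -360) hunks. Browsers generally dispatch compatibility mouse events after a touch sequence, so unless the touch handlers already suppress them (not visible here), a tap may now reach both the touch handler and `_eventHandlers.mousedown`. The ungrab hunk mirrors the grab hunk, so no listener is left registered on disconnect. A comment at the registration such as `// mouse listeners are also registered on touch devices; the touch handlers must cancel synthesized mouse events` would record the intent for the next reader.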


@ -285,7 +285,7 @@ var UI;
if (typeof(msg) !== 'undefined') {
$D('noVNC_control_bar').setAttribute("class", klass);
$D('noVNC_status').innerHTML = msg;
$D('noVNC_status').textContent = msg;
}
UI.updateVisualState();
@ -360,9 +360,9 @@ var UI;
clearTimeout(UI.popupStatusTimeout);
if (typeof text === 'string') {
psp.innerHTML = text;
psp.textContent = text;
} else {
psp.innerHTML = $D('noVNC_status').innerHTML;
psp.textContent = $D('noVNC_status').textContent;
}
psp.style.display = "block";
psp.style.left = window.innerWidth/2 -


@ -1,6 +1,6 @@
{
"name": "noVNC",
"version": "0.6.1",
"version": "0.6.2",
"description": "An HTML5 VNC client",
"main": "karma.conf.js",
"directories": {


@ -36,7 +36,7 @@ if (Util.Engine.trident) {
function message(str) {
//console.log(str);
cell = $D('messages');
cell.innerHTML += str + newline;
cell.textContent += str + newline;
cell.scrollTop = cell.scrollHeight;
}
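Review bot: `cell.textContent += str + newline;` now inserts `newline` as literal text, so if `newline` (assigned outside this hunk, apparently per engine given the `if (Util.Engine.trident)` header) holds markup such as a `<br>` tag, it is displayed verbatim instead of breaking the line; confirm it is a plain `"\n"` and that the `messages` element renders newlines (`white-space: pre` or a `<pre>`). The same applies to the `message` hunks at @ -44 and @ -56, which also append `newline`. Independently, `textContent +=` rewrites the whole log on every call; `cell.appendChild(document.createTextNode(str + newline));` appends without re-serializing the existing text, and the same form fits the `debug`/`message`/`msg` hunks in the remaining files. Note that `cell` is assigned without `var` here, unlike the `var cell` hunks at @ -64 and @ -51, so it leaks as a global.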


@ -20,7 +20,7 @@
function debug(str) {
console.log(str);
cell = $D('debug');
cell.innerHTML += str + "\n";
cell.textContent += str + "\n";
cell.scrollTop = cell.scrollHeight;
}


@ -42,7 +42,7 @@
function message(str) {
console.log(str);
cell = $D('messages');
cell.innerHTML += msg_cnt + ": " + str + "\n";
cell.textContent += msg_cnt + ": " + str + "\n";
cell.scrollTop = cell.scrollHeight;
msg_cnt += 1;
}


@ -35,7 +35,7 @@
function debug(str) {
console.log(str);
cell = $D('debug');
cell.innerHTML += str + "\n";
cell.textContent += str + "\n";
cell.scrollTop = cell.scrollHeight;
}


@ -44,7 +44,7 @@
function message(str) {
console.log(str);
cell = $D('messages');
cell.innerHTML += msg_cnt + ": " + str + newline;
cell.textContent += msg_cnt + ": " + str + newline;
cell.scrollTop = cell.scrollHeight;
msg_cnt++;
}


@ -56,7 +56,7 @@
function message(str) {
console.log(str);
cell = $D('messages');
cell.innerHTML += msg_cnt + ": " + str + newline;
cell.textContent += msg_cnt + ": " + str + newline;
cell.scrollTop = cell.scrollHeight;
msg_cnt++;
}


@ -64,7 +64,7 @@
function msg(str) {
console.log(str);
var cell = $D('messages');
cell.innerHTML += str + "\n";
cell.textContent += str + "\n";
cell.scrollTop = cell.scrollHeight;
}
function dbgmsg(str) {
@ -88,7 +88,7 @@
break;
}
if (typeof mesg !== 'undefined') {
$D('VNC_status').innerHTML = mesg;
$D('VNC_status').textContent = mesg;
}
}


@ -51,7 +51,7 @@
function message(str) {
console.log(str);
var cell = $D('messages');
cell.innerHTML += str + "\n";
cell.textContent += str + "\n";
cell.scrollTop = cell.scrollHeight;
}
@ -78,7 +78,7 @@
break;
}
if (typeof msg !== 'undefined') {
$D('VNC_status').innerHTML = msg;
$D('VNC_status').textContent = msg;
}
}


@ -152,7 +152,7 @@
if (typeof(msg) !== 'undefined') {
sb.setAttribute("class", "noVNC_status_" + level);
s.innerHTML = msg;
s.textContent = msg;
}
}