Commit 05b5f4c6 authored by alexpott's avatar alexpott

Issue #2501757 by kgoel, cilefen, jvandyk, joelpittet, YesCT, alexpott,...

Issue #2501757 by kgoel, cilefen, jvandyk, joelpittet, YesCT, alexpott, cwells, adamwhite, cmanalansan, xjm: Remove SafeMarkup::set in NodeSearch::prepareResults()
parent 25e0bb99
...@@ -332,11 +332,9 @@ protected function prepareResults(StatementInterface $found) { ...@@ -332,11 +332,9 @@ protected function prepareResults(StatementInterface $found) {
unset($build['#theme']); unset($build['#theme']);
$build['#pre_render'][] = array($this, 'removeSubmittedInfo'); $build['#pre_render'][] = array($this, 'removeSubmittedInfo');
// Fetch comment count for snippet. // Fetch comments for snippet.
$rendered = SafeMarkup::set( $rendered = $this->renderer->renderPlain($build);
$this->renderer->renderPlain($build) . ' ' . $rendered .= ' ' . $this->moduleHandler->invoke('comment', 'node_update_index', array($node, $item->langcode));
SafeMarkup::escape($this->moduleHandler->invoke('comment', 'node_update_index', array($node, $item->langcode)))
);
$extra = $this->moduleHandler->invokeAll('node_search_result', array($node, $item->langcode)); $extra = $this->moduleHandler->invokeAll('node_search_result', array($node, $item->langcode));
......
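Review bot: `$rendered` now holds unescaped markup — the renderPlain() output concatenated with the raw return of hook_node_update_index — and the SafeMarkup::escape() that used to wrap the hook result is gone, so the string is only safe if whatever consumes it later strips or escapes it; the search.module hunk in this same commit documents that search_excerpt() strips all HTML tags, which appears to be the intended consumer, but nothing at this point in prepareResults() says so. I would add `// $rendered is unescaped HTML; it is only safe to pass to search_excerpt(), which strips all tags.` above the `$rendered =` line so the next maintainer does not hand it to a template. Note too that invoke() presumably returns NULL when the comment module is not enabled, which leaves a trailing space on `$rendered`; harmless for excerpting but worth a word in that comment. prepareResults() continues outside the hunk.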
...@@ -618,7 +618,8 @@ function search_mark_for_reindex($type = NULL, $sid = NULL, $langcode = NULL) { ...@@ -618,7 +618,8 @@ function search_mark_for_reindex($type = NULL, $sid = NULL, $langcode = NULL) {
/** /**
* Returns snippets from a piece of text, with search keywords highlighted. * Returns snippets from a piece of text, with search keywords highlighted.
* *
* Used for formatting search results. * Used for formatting search results. All HTML tags will be stripped from
* $text.
* *
* @param string $keys * @param string $keys
* A string containing a search query. * A string containing a search query.
......
...@@ -126,6 +126,23 @@ function testSearchResultsComment() { ...@@ -126,6 +126,23 @@ function testSearchResultsComment() {
$edit_comment['comment_body[0][format]'] = $full_html_format_id; $edit_comment['comment_body[0][format]'] = $full_html_format_id;
$this->drupalPostForm('comment/reply/node/' . $node->id() .'/comment', $edit_comment, t('Save')); $this->drupalPostForm('comment/reply/node/' . $node->id() .'/comment', $edit_comment, t('Save'));
// Post a comment with an evil script tag in the comment subject and a
// script tag nearby a keyword in the comment body. Use the 'FULL HTML' text
// format so the script tag stored.
$edit_comment2 = array();
$edit_comment2['subject[0][value]'] = "<script>alert('subjectkeyword');</script>";
$edit_comment2['comment_body[0][value]'] = "nearbykeyword<script>alert('somethinggeneric');</script>";
$edit_comment2['comment_body[0][format]'] = $full_html_format_id;
$this->drupalPostForm('comment/reply/node/' . $node->id() . '/comment', $edit_comment2, t('Save'));
// Post a comment with a keyword inside an evil script tag in the comment
// body. Use the 'FULL HTML' text format so the script tag is stored.
$edit_comment3 = array();
$edit_comment3['subject[0][value]'] = 'asubject';
$edit_comment3['comment_body[0][value]'] = "<script>alert('insidekeyword');</script>";
$edit_comment3['comment_body[0][format]'] = $full_html_format_id;
$this->drupalPostForm('comment/reply/node/' . $node->id() . '/comment', $edit_comment3, t('Save'));
// Invoke search index update. // Invoke search index update.
$this->drupalLogout(); $this->drupalLogout();
$this->cronRun(); $this->cronRun();
...@@ -152,6 +169,39 @@ function testSearchResultsComment() { ...@@ -152,6 +169,39 @@ function testSearchResultsComment() {
$this->assertNoRaw(t('n/a'), 'HTML in comment body is not hidden.'); $this->assertNoRaw(t('n/a'), 'HTML in comment body is not hidden.');
$this->assertNoEscaped($edit_comment['comment_body[0][value]'], 'HTML in comment body is not escaped.'); $this->assertNoEscaped($edit_comment['comment_body[0][value]'], 'HTML in comment body is not escaped.');
// Search for the evil script comment subject.
$edit = array(
'keys' => 'subjectkeyword',
);
$this->drupalPostForm('search/node', $edit, t('Search'));
// Verify the evil comment subject is escaped in search results.
$this->assertRaw('&lt;script&gt;alert(&#039;<strong>subjectkeyword</strong>&#039;);');
$this->assertNoRaw('<script>');
// Search for the keyword near the evil script tag in the comment body.
$edit = [
'keys' => 'nearbykeyword',
];
$this->drupalPostForm('search/node', $edit, t('Search'));
// Verify that nearby script tag in the evil comment body is stripped from
// search results.
$this->assertRaw('<strong>nearbykeyword</strong>');
$this->assertNoRaw('<script>');
// Search for contents inside the evil script tag in the comment body.
$edit = [
'keys' => 'insidekeyword',
];
$this->drupalPostForm('search/node', $edit, t('Search'));
// @todo Verify the actual search results.
// https://www.drupal.org/node/2551135
// Verify there is no script tag in search results.
$this->assertNoRaw('<script>');
// Hide comments. // Hide comments.
$this->drupalLogin($this->adminUser); $this->drupalLogin($this->adminUser);
$node->set('comment', CommentItemInterface::HIDDEN); $node->set('comment', CommentItemInterface::HIDDEN);
......
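Review bot: The `insidekeyword` search at the end of the second hunk asserts only `$this->assertNoRaw('<script>')`, which also passes when the search returns no result at all, so the case does not show that the tag-stripped text is what reached the page; the @todo acknowledges this, but asserting that a result was rendered (presumably the node title, which the test has in `$node`) would make the negative check meaningful now rather than later. The three `assertNoRaw('<script>')` calls also lack the assertion message that the surrounding assertions carry. As a point of style, the added code mixes `$edit = array(` for the first search with `[]` for the next two; pick one form within the hunk.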
...@@ -39,7 +39,7 @@ function testSearchExcerpt() { ...@@ -39,7 +39,7 @@ function testSearchExcerpt() {
// important for HTML formatting. Remove these for comparison. // important for HTML formatting. Remove these for comparison.
$expected = 'The quick brown fox &amp; jumps over the lazy dog'; $expected = 'The quick brown fox &amp; jumps over the lazy dog';
$result = preg_replace('| +|', ' ', search_excerpt('nothing', $text)); $result = preg_replace('| +|', ' ', search_excerpt('nothing', $text));
$this->assertEqual(preg_replace('| +|', ' ', $result), $expected, 'Entire string is returned when keyword is not found in short string'); $this->assertEqual(preg_replace('| +|', ' ', $result), $expected, 'Entire string, stripped of HTML tags, is returned when keyword is not found in short string');
$result = preg_replace('| +|', ' ', search_excerpt('fox', $text)); $result = preg_replace('| +|', ' ', search_excerpt('fox', $text));
$this->assertEqual($result, 'The quick brown <strong>fox</strong> &amp; jumps over the lazy dog', 'Found keyword is highlighted'); $this->assertEqual($result, 'The quick brown <strong>fox</strong> &amp; jumps over the lazy dog', 'Found keyword is highlighted');
......