Sanitize Bitbucket repo links to fix potential xss

27aef08a · Dheeraj Joshi · 9552bbee · 27aef08a · 27aef08a
Commit 27aef08a authored Feb 21, 2020 by Dheeraj Joshi
2 changed files
--- a/app/views/import/bitbucket_server/status.html.haml
+++ b/app/views/import/bitbucket_server/status.html.haml
@@ -57,7 +57,7 @@
        - @repos.each do |repo|
          %tr{ id: "repo_#{repo.project_key}___#{repo.slug}", data: { project: repo.project_key, repository: repo.slug } }
            %td
-              = link_to repo.browse_url, repo.browse_url, target: '_blank', rel: 'noopener noreferrer'
+              = sanitize(link_to(repo.browse_url, repo.browse_url, target: '_blank', rel: 'noopener noreferrer'), attributes: %w(href target rel))
            %td.import-target
              %fieldset.row
              .input-group
@@ -78,7 +78,7 @@
        - @incompatible_repos.each do |repo|
          %tr{ id: "repo_#{repo.project_key}___#{repo.slug}" }
            %td
-              = link_to repo.browse_url, repo.browse_url, target: '_blank', rel: 'noopener noreferrer'
+              = sanitize(link_to(repo.browse_url, repo.browse_url, target: '_blank', rel: 'noopener noreferrer'), attributes: %w(href target rel))
            %td.import-target
            %td.import-actions-job-status
              = label_tag 'Incompatible Project', nil, class: 'label badge-danger'

--- a/changelogs/unreleased/security-xss-bitbucket-import.yml
+++ b/changelogs/unreleased/security-xss-bitbucket-import.yml
+---
+title: Sanitize bitbucket repo urls to mitigate XSS
+merge_request:
+author:
+type: security