captive: Fix potential authenticated XSS in title processing
index 242549d33f2eec4391b693a655de279434084777..b7c42e797e4fb6964f3755679da8287716123740 100755 (executable)
@@ -42,7 +42,7 @@ my %session_times = (
        86400           => $Lang::tr{'24 hours'},
        604800          => $Lang::tr{'one week'},
        1209600         => $Lang::tr{'two weeks'},
-       18144000        => $Lang::tr{'one month'},
+       2592000         => $Lang::tr{'one month'},
        31536000        => $Lang::tr{'one year'},
        0               => "- $Lang::tr{'unlimited'} -",
 );
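Review bot: The corrected key 2592000 is 30 days (30 * 86400), but nothing in the hash says so, and the old value 18144000 (210 days) could survive because the numbers carry no annotation; a trailing comment on each entry, e.g. `2592000 => $Lang::tr{'one month'}, # 30 * 86400`, would make the next wrong constant visible in review. This correction is also unrelated to the XSS fix named in the commit title, so it may deserve a mention in the description or its own commit. The %session_times declaration starts before the hunk.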
@@ -104,7 +104,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
        $settings{'ENABLE_GREEN'}               = $cgiparams{'ENABLE_GREEN'};
        $settings{'ENABLE_BLUE'}                = $cgiparams{'ENABLE_BLUE'};
        $settings{'AUTH'}                               = $cgiparams{'AUTH'};
-       $settings{'TITLE'}                              = $cgiparams{'TITLE'};
+       $settings{'TITLE'}                      = &Header::escape($cgiparams{'TITLE'});
        $settings{'COLOR'}                      = $cgiparams{'COLOR'};
        $settings{'SESSION_TIME'}               = $cgiparams{'SESSION_TIME'};
 
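Review bot: Header::escape is applied when TITLE is stored, so $settings{'TITLE'} now holds the HTML-escaped form instead of the user's text, and every consumer of the setting inherits that encoding — including generate_pdf in the hunk at line 757, where the value is decoded and drawn into the coupon, so a title containing `&`, `<` or quotes would presumably print as entities (`&amp;` etc.) in the PDF; worth confirming against what Header::escape emits. Escaping at output instead (leaving the setting raw and wrapping it in &Header::escape wherever it is printed into HTML) keeps the stored value usable by non-HTML outputs and also covers titles saved before this change, which this patch presumably leaves unescaped until they are re-saved. If storage-time escaping is kept deliberately, a comment such as `# TITLE is stored HTML-escaped; do not escape again on output` next to the assignment would prevent double-encoding later. The enclosing `if ($cgiparams{'ACTION'} eq $Lang::tr{'save'})` block starts outside the hunk.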
@@ -237,7 +237,7 @@ if ($cgiparams{'ACTION'} eq 'delete-client') {
 }
 
 #open webpage, print header and open box
-&Header::openpage($Lang::tr{'Captive menu'}, 1, '');
+&Header::openpage($Lang::tr{'Captive'}, 1, '');
 &Header::openbigbox();
 
 # If an error message exists, show a box with the error message
@@ -757,7 +757,7 @@ sub generate_pdf() {
                        $f_subheadline->translate($cx, ($y + $h - $cy) / 2.4 + $cy);
 
                        if ($settings{'TITLE'}) {
-                               $f_headline->text_center($settings{'TITLE'});
+                               $f_headline->text_center(decode("utf8", $settings{'TITLE'}));
                                $f_subheadline->text_center(decode("utf8", $Lang::tr{'Captive WiFi coupon'}));
                        } else {
                                $f_headline->text_center(decode("utf8", $Lang::tr{'Captive WiFi coupon'}));
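Review bot: `decode("utf8", ...)` selects Perl's lax `utf8` encoding, which accepts malformed byte sequences silently, whereas `decode("UTF-8", ...)` (with the hyphen) is the strict variant that validates the input; for a user-supplied setting like TITLE the strict name is the safer choice, e.g. `$f_headline->text_center(decode("UTF-8", $settings{'TITLE'}));`. The neighbouring calls on the $Lang::tr strings use the lax form too, so changing only this line would be inconsistent; if the lax form is kept for that reason, a short comment saying so is worth adding. generate_pdf's body starts and ends outside the hunk.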