Mitigate CVE-2014-4671 for unpatched flash players
Bug: 68187
Change-Id: I2f46e623c1f541dbbafb6e8333e0929055098b15
$callback = $params['callback'];
if ( $callback !== null ) {
$callback = preg_replace( "/[^][.\\'\\\"_A-Za-z0-9]/", '', $callback );
- $this->printText( "$callback($json)" );
+ # Prepend a comment to try to avoid attacks against content
+ # sniffers, such as bug 68187.
+ $this->printText( "/**/$callback($json)" );
} else {
$this->printText( $json );
}
$this->assertInternalType( 'array', json_decode( $data, true ) );
$this->assertGreaterThan( 0, count( (array)$data ) );
}
+
+ public function testJsonpInjection( ) {
+ $data = $this->apiRequest( 'json', array( 'action' => 'query', 'meta' => 'siteinfo', 'callback' => 'myCallback' ) );
+ $this->assertEquals( '/**/myCallback(', substr( $data, 0, 15 ) );
+ }
}