[ofbiz-framework] 01/02: Fixed: Fix OFBiz speficic Javascript securiy issues reported by GH CodeQL (OFBIZ-12366)

Mon, 25 Jul 2022 00:18:06 -0700 

This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git

commit 7875045e5a5acae0c22eee72bfdb5971cf663317
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Mon Jul 18 17:34:59 2022 +0200

    Fixed: Fix OFBiz speficic Javascript securiy issues reported by GH CodeQL 
(OFBIZ-12366)
    
    Actually I put in a path error then, it's not
    value="/common/js/node_modules/node_modules/dompurify/dist/purify.min.js"
    but
    value="/common/js/node_modules/dompurify/dist/purify.min.js"
    
    This fixes it
---
 themes/common-theme/widget/CommonScreens.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/themes/common-theme/widget/CommonScreens.xml 
b/themes/common-theme/widget/CommonScreens.xml
index 61ddbe5f1c..221ab177fd 100644
--- a/themes/common-theme/widget/CommonScreens.xml
+++ b/themes/common-theme/widget/CommonScreens.xml
@@ -351,7 +351,7 @@ under the License.
                         <set field="layoutSettings.javaScripts[+0]" 
value="/common/js/node_modules/jquery.browser/dist/jquery.browser.min.js" 
global="true"/>
                         <set field="layoutSettings.javaScripts[+0]" 
value="/common/js/node_modules/jquery-migrate/dist/jquery-migrate.min.js" 
global="true"/>
                         <set field="layoutSettings.javaScripts[+0]" 
value="/common/js/node_modules/jquery/dist/jquery.min.js" global="true"/>
-                        <set field="layoutSettings.javaScripts[+0]" 
value="/common/js/node_modules/node_modules/dompurify/dist/purify.min.js" 
global="true"/>
+                        <set field="layoutSettings.javaScripts[+0]" 
value="/common/js/node_modules/dompurify/dist/purify.min.js" global="true"/>
                         <set field="layoutSettings.javaScripts[]" 
value="/common/js/util/OfbizUtil.js" global="true"/>
                     </actions>
                     <widgets>
@@ -457,7 +457,7 @@ under the License.
                 <set field="layoutSettings.javaScripts[+0]" 
value="/common/js/node_modules/jquery.browser/dist/jquery.browser.min.js" 
global="true"/>
                 <set field="layoutSettings.javaScripts[+0]" 
value="/common/js/node_modules/jquery-migrate/dist/jquery-migrate.min.js" 
global="true" />
                 <set field="layoutSettings.javaScripts[+0]" 
value="/common/js/node_modules/jquery/dist/jquery.min.js" global="true"/>
-                <set field="layoutSettings.javaScripts[+0]" 
value="/common/js/node_modules/node_modules/dompurify/dist/purify.min.js" 
global="true"/>
+                <set field="layoutSettings.javaScripts[+0]" 
value="/common/js/node_modules/dompurify/dist/purify.min.js" global="true"/>
                 <!-- jQuery CSSs -->
                 <set field="layoutSettings.styleSheets[+0]" 
value="/common/js/node_modules/jquery-ui-dist/jquery-ui.min.css" global="true"/>

Reply via email to