/[packages]/cauldron/ruby/current/SOURCES/rdoc-cve-2013-0256.patch
ViewVC logotype

Contents of /cauldron/ruby/current/SOURCES/rdoc-cve-2013-0256.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 394856 - (show annotations) (download)
Wed Feb 6 15:58:47 2013 UTC (7 years, 9 months ago) by fwang
File size: 1049 byte(s)
fix CVE-2013-0256: XSS exploit of RDoc documentation generated by rdoc
1 --- ruby_1_9_3/lib/rdoc/generator/template/darkfish/js/darkfish.js 2011/07/10 14:06:48 32501
2 +++ ruby_1_9_3/lib/rdoc/generator/template/darkfish/js/darkfish.js 2013/02/06 08:00:49 39101
3 @@ -73,13 +73,15 @@
4 function highlightTarget( anchor ) {
5 console.debug( "Highlighting target '%s'.", anchor );
6
7 - $("a[name=" + anchor + "]").each( function() {
8 - if ( !$(this).parent().parent().hasClass('target-section') ) {
9 - console.debug( "Wrapping the target-section" );
10 - $('div.method-detail').unwrap( 'div.target-section' );
11 - $(this).parent().wrap( '<div class="target-section"></div>' );
12 - } else {
13 - console.debug( "Already wrapped." );
14 + $("a[name]").each( function() {
15 + if ( $(this).attr("name") == anchor ) {
16 + if ( !$(this).parent().parent().hasClass('target-section') ) {
17 + console.debug( "Wrapping the target-section" );
18 + $('div.method-detail').unwrap( 'div.target-section' );
19 + $(this).parent().wrap( '<div class="target-section"></div>' );
20 + } else {
21 + console.debug( "Already wrapped." );
22 + }
23 }
24 });
25 };

  ViewVC Help
Powered by ViewVC 1.1.28