

Merge pull request #1980 from ThemeFuse/WordfenceVulnerabilities
bagrinsergiu/blox-editor#25494 - sanitize json for users with no unfi…
ViorelEremia authored Feb 19, 2024
2 parents 07ca880 + 8f127f6 commit b7e3ab7
Showing 6 changed files with 30 additions and 38 deletions.
2 changes: 2 additions & 0 deletions admin/abstract-api.php
Expand Up @@ -5,6 +5,8 @@
*/
abstract class Brizy_Admin_AbstractApi {

use Brizy_Editor_Trait_Sanitize;

abstract protected function initializeApiActions();

abstract protected function getRequestNonce();
12 changes: 6 additions & 6 deletions admin/blocks/api.php
Expand Up @@ -230,7 +230,7 @@ public function actionCreateGlobalBlock()


try {
$editorData = stripslashes($this->param('data'));
$editorData = $this->sanitizeJson(stripslashes($this->param('data')));
$position = stripslashes($this->param('position'));
$status = stripslashes($this->param('status'));
$rulesData = stripslashes($this->param('rules'));
Expand Down Expand Up @@ -316,7 +316,7 @@ public function actionUpdateGlobalBlock()
$block->setMeta(stripslashes($this->param('meta')));
}
if ($this->param('data')) {
$data = stripslashes( $this->param( 'data' ) );
$data = $this->sanitizeJson(stripslashes( $this->param( 'data' ) ));
if ( json_decode( $data ) !== null && ! json_last_error() ) {
$block->set_editor_data( $data );
}
Expand Down Expand Up @@ -422,10 +422,10 @@ public function actionUpdateGlobalBlocks()
}

if (isset($this->param('data')[$i]) && !empty($this->param('data')[$i])) {
$data = stripslashes( $this->param( 'data' )[ $i ] );
$data = $this->sanitizeJson(stripslashes( $this->param( 'data' )[ $i ] ));

if ( json_decode( $data ) !== null && ! json_last_error() ) {
$block->set_editor_data( stripslashes( $this->param( 'data' )[ $i ] ) );
$block->set_editor_data( $data );
}
}

Expand Down Expand Up @@ -575,7 +575,7 @@ public function actionCreateSavedBlock()
$block->setTags(stripslashes($this->param('tags')));
}

$block->set_editor_data(stripslashes($this->param('data')));
$block->set_editor_data($this->sanitizeJson(stripslashes($this->param('data'))));
$block->set_needs_compile(true);
//$block->setCloudUpdateRequired( true );
$block->save();
Expand Down Expand Up @@ -613,7 +613,7 @@ public function actionUpdateSavedBlock()
$block->setDataVersion($this->param('dataVersion'));

if ($this->param('data')) {
$block->set_editor_data(stripslashes($this->param('data')));
$block->set_editor_data($this->sanitizeJson(stripslashes($this->param('data'))));
}


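Review bot: The two saved-block hunks (actionCreateSavedBlock, `$block->set_editor_data($this->sanitizeJson(stripslashes($this->param('data'))));`, and the identical line in actionUpdateSavedBlock) store the sanitizer's return value directly, while actionUpdateGlobalBlock and actionUpdateGlobalBlocks keep the `json_decode( $data ) !== null && ! json_last_error()` gate in front of set_editor_data. Because sanitizeJson returns its input unchanged when it cannot decode it, the ungated paths persist whatever a user without unfiltered_html submitted, which is exactly the case the commit is meant to close. Apply the same gate in both saved-block handlers: `$data = $this->sanitizeJson(stripslashes($this->param('data')));` followed by `if ( json_decode( $data ) !== null && ! json_last_error() ) { $block->set_editor_data( $data ); }`. The same pattern applies to update_item in editor/api.php, where the assignment is in the hunk but the use of $data is outside it, and to createSingleFromZipPath in editor/zip/archiver.php. All of these functions start and end outside their hunks.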
2 changes: 1 addition & 1 deletion editor/api.php
Expand Up @@ -431,7 +431,7 @@ public function update_item()
try {
$this->verifyNonce(self::nonce);

$data = stripslashes($this->param('data'));
$data = $this->sanitizeJson(stripslashes($this->param('data')));
$atemplate = $this->param('template');
$dataVersion = (int)stripslashes($this->param('dataVersion'));
$status = stripslashes($this->param('status'));
31 changes: 1 addition & 30 deletions editor/editor/editor.php
Expand Up @@ -125,8 +125,7 @@ public function config($context = self::COMPILE_CONTEXT)
$config = array(
'user' => array(
'role' => 'admin',
'isAuthorized' => $this->project->getMetaValue('brizy-cloud-token') !== null,
'allowScripts' => $this->isUserAllowedToAddScripts($context),
'isAuthorized' => $this->project->getMetaValue('brizy-cloud-token') !== null
),
'project' => array(
'id' => $this->project->getId(),
Expand Down Expand Up @@ -1877,34 +1876,6 @@ public function getCloudInfo()
return $response;
}

/**
* Do not use: $userId = get_post_meta( $this->post->getWpPostId(), '_edit_last', true );
* This meta _edit_last is often deleted by plugins dealing with optimize database
*
* @param $context
*
* @return bool
*/
private function isUserAllowedToAddScripts($context)
{

if ($context == self::COMPILE_CONTEXT) {

$userId = $this->post->getLastUserEdited();

if ($userId === null) {
return true;
}

} else {
$userId = get_current_user_id();
}

$userCan = user_can($userId, 'unfiltered_html');

return $userCan;
}

private function getImgSizes()
{

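Review bot: The `'user'` array now ends with the `'isAuthorized'` entry and the `'allowScripts'` key is dropped along with isUserAllowedToAddScripts, so the editor client no longer receives any signal that script content will be stripped for users without unfiltered_html; if the front end still reads config.user.allowScripts (not verifiable from this page), those users will have scripts silently removed on save by sanitizeJson with no indication in the UI. If the key is still consumed, keep it computed from the same check the trait now performs, `'allowScripts' => current_user_can( 'unfiltered_html' ),`, rather than the removed per-post last-editor lookup. config() continues outside the hunk; the removed method body is history and needs no further review.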
18 changes: 18 additions & 0 deletions editor/trait/sanitize.php
@@ -0,0 +1,18 @@
<?php

trait Brizy_Editor_Trait_Sanitize {

public function sanitizeJson($data) {
if ( current_user_can( 'unfiltered_html' ) ) {
return $data;
}

if ( ! $dataDecoded = json_decode( $data, true ) ) {
return $data;
}

$dataDecoded = wp_kses_post_deep( $dataDecoded );

return json_encode( $dataDecoded );
}
}
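Review bot: The guard `if ( ! $dataDecoded = json_decode( $data, true ) )` falls back to returning the raw input, so for a user without unfiltered_html any payload that is not valid JSON, or that decodes to a falsy value such as `0`, `""` or `false`, is handed back unsanitized to the set_editor_data call that invoked it; in admin/blocks/api.php the saved-block handlers and in editor/zip/archiver.php the import path store that value without any further validity check. A sanitizer that cannot parse its input should reject it rather than forward it, and json_encode() can itself return false (for example on invalid UTF-8 left after filtering), which would then be stored as the block data. Decide on json_last_error() and on the encode result as sketched below, with the rejection value confirmed against whatever set_editor_data already treats as "no data" (`''` is a placeholder). The trait also depends on current_user_can() being meaningful at call time, which holds for the admin API handlers but is worth confirming for the archiver import path.
```php
public function sanitizeJson($data) {
    if ( current_user_can( 'unfiltered_html' ) ) {
        return $data;
    }

    $dataDecoded = json_decode( $data, true );

    // Input that is not valid JSON is rejected, never returned unfiltered.
    if ( json_last_error() !== JSON_ERROR_NONE ) {
        return ''; // TODO confirm the "no data" value callers expect
    }

    $encoded = json_encode( wp_kses_post_deep( $dataDecoded ) );

    // json_encode() returns false on failure; do not let that reach set_editor_data().
    return $encoded === false ? '' : $encoded;
}
```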
3 changes: 2 additions & 1 deletion editor/zip/archiver.php
Expand Up @@ -3,6 +3,7 @@
class Brizy_Editor_Zip_Archiver implements Brizy_Editor_Zip_ArchiverInterface
{
use Brizy_Editor_Asset_AttachmentAware;
use Brizy_Editor_Trait_Sanitize;

const ARCHIVE_TYPE_LAYOUT = 'layout';
const ARCHIVE_TYPE_BLOCK = 'block';
Expand Down Expand Up @@ -201,7 +202,7 @@ private function createSingleFromZipPath(ZipArchive $z, $dir)
*/
$block = $this->getManager($entityClass)->createEntity(md5(random_bytes(10)), 'publish');
$block->set_needs_compile(true);
$block->set_editor_data($data->data);
$block->set_editor_data($this->sanitizeJson($data->data));
$block->setMeta($data->meta);

if (isset($data->title)) {

