Item13301: Single quotes are incorrectly encoded in query params. Breaks WebSearch and other pages.
Priority: Security
Current State: Closed
Released In: 2.0.0
Target Release: major
WebSearch topic crashes with a query search
Test case
- go to trunk.foswiki.org
- then, go to WebSearch
- type name~'*whatyouwant*'
- [optional] in advanced search tab, select query search
- result is a small html page, break, see result below
Result
- see image below
- tested on:
  - opera 12.16 - 32 bits under linux
  - iceweasel 31.5.0 - 32 bits under linux
illustration of crash
- same test case works well on v1.1.9
--
GuilainCabannes - 09 Mar 2015
The bug is caused by the use of the single quote in the search field. It's ending up in the HTML unencoded in the URL parameters. This is related to the HTML conversion to use single quotes. The difference on Foswiki 1.1 is that the URLs are generated using double-quotes. ...
On further digging, there are definitely quoting issues, but 1.1 has the same issues. Firefox "view source" complains about the HTML. But the problem is in the Change Language tag, which also uses a redirectto, which is actually truncated at the first single quote.
--
GeorgeClark - 09 Mar 2015
You can create it on any page on trunk by using single quotes in the URL.
http://trunk.foswiki.org/Main/WebHome?foo='bar'
--
GeorgeClark - 09 Mar 2015
Note that Foswiki 1.1.9 also has issues with the language selector when single quotes are used in the query string. Not as severe, but I note that the bottom of the page copyright info ends up in the top of the page.
--
GeorgeClark - 09 Mar 2015
Bumped to Security. There might be a possible exploit if entities are not being correctly encoded. Reviewed with Crawford.
--
GeorgeClark - 09 Mar 2015
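The truncation described in the comments above, shown as an added example that is not Foswiki's code or template markup. The hidden `redirectto` input, the host `wiki.example` and all function names are assumptions constructed for illustration; the query string follows the `?foo='bar'` test case.

```python
from html import escape
from html.parser import HTMLParser

# Constructed request URL, modelled on the ?foo='bar' test case in the report.
REQUEST_URL = "http://wiki.example/Main/WebHome?foo='bar'"


def render_unencoded(url):
    """Weak form: the URL is pasted as-is into a single-quoted attribute."""
    return "<input type='hidden' name='redirectto' value='" + url + "'>"


def render_encoded(url):
    """Hardened form: escape &, <, >, " and ' for the HTML attribute context."""
    return ("<input type='hidden' name='redirectto' value='"
            + escape(url, quote=True) + "'>")


class _RedirectGrabber(HTMLParser):
    """Records the value attribute of the redirectto input as an HTML parser sees it."""

    def __init__(self):
        super().__init__()
        self.value = None

    def handle_starttag(self, tag, attrs):
        found = dict(attrs)
        if tag == "input" and found.get("name") == "redirectto":
            self.value = found.get("value")


def parsed_redirectto(markup):
    """Return the redirectto value that survives parsing of the given markup."""
    grabber = _RedirectGrabber()
    grabber.feed(markup)
    grabber.close()
    return grabber.value


if __name__ == "__main__":
    for render in (render_unencoded, render_encoded):
        markup = render(REQUEST_URL)
        print(render.__name__, "->", markup)
        print("  parsed redirectto:", parsed_redirectto(markup))
```

In the unencoded form the first quote from the query string closes the attribute, so the parsed value stops at `foo=` and the remainder is read as a stray attribute; the encoded form round-trips the full URL.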