From 18dfba868fe2fb9c64706b2123eb0b3a3ce66a77 Mon Sep 17 00:00:00 2001
From: Joey Hess <joeyh@joeyh.name>
Date: Fri, 27 Mar 2015 12:17:39 -0400
Subject: Fix XSS in openid selector. Thanks, Raghav Bisht.

---
 debian/changelog                             | 3 +++
 doc/bugs/XSS_Alert...__33____33____33__.html | 4 ++++
 templates/openid-selector.tmpl               | 2 +-
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/debian/changelog b/debian/changelog
index 80dec8897..3003b4b3a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -13,6 +13,9 @@ ikiwiki (3.20150108) UNRELEASED; urgency=medium
   * t/inline.t: accept translations of "Add a new post titled:"
     (Closes: #779365)
 
+  [ Joey Hess ]
+  * Fix XSS in openid selector. Thanks, Raghav Bisht.
+
  -- Joey Hess <id@joeyh.name>  Sat, 24 Jan 2015 23:59:20 -0400
 
 ikiwiki (3.20150107) experimental; urgency=medium
diff --git a/doc/bugs/XSS_Alert...__33____33____33__.html b/doc/bugs/XSS_Alert...__33____33____33__.html
index 24a1a3af0..436e3faae 100644
--- a/doc/bugs/XSS_Alert...__33____33____33__.html
+++ b/doc/bugs/XSS_Alert...__33____33____33__.html
@@ -23,3 +23,7 @@ Thank You...!!
 Your Faithfully,
 Raghav Bisht
 raghav007bisht@gmail.com
+
+> Thanks Raghav for reporting this issue. I've fixed it in ikiwiki.
+> 
+> --[[Joey]] 
diff --git a/templates/openid-selector.tmpl b/templates/openid-selector.tmpl
index b6be2720c..0fd833042 100644
--- a/templates/openid-selector.tmpl
+++ b/templates/openid-selector.tmpl
@@ -23,7 +23,7 @@ $(document).ready(function() {
 		</div>
 		<div id="openid_input_area">
 			<label for="openid_identifier" class="block">Enter your OpenID:</label>
-			<input id="openid_identifier" name="openid_identifier" type="text" value="<TMPL_VAR OPENID_URL>"/>
+			<input id="openid_identifier" name="openid_identifier" type="text" value="<TMPL_VAR ESCAPE=HTML OPENID_URL>"/>
 			<input id="openid_submit" type="submit" value="Login"/>
 		</div>
 		<TMPL_IF OPENID_ERROR>
-- 
cgit v1.2.3