Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-42751

Fill in SKU with JavaScript will display code in Shopping portlet and throw NPE in the console.

    XMLWordPrintable

    Details

    • Type: Regression Bug
    • Status: Closed
    • Resolution: No Longer Reproducible
    • Affects Version/s: 7.0.0 M3
    • Fix Version/s: 7.0.0 M3
    • Component/s: Util, Util > Shopping
    • Labels:
      None
    • Environment:
      Tomcat 7.0.42 + MySQL 5.5.34. Portal master GIT ID: 9cc4997fe5920c162862c06686b88dd9549af70f.
    • Story Points:
      3
    • Fix Priority:
      3

      Description

      1. Add Shopping portlet to a home page.
      2. Add a Item with <script>alert("123");</script> in SKU.
      3. Click the newly created item and add to shopping cart.
      4. Assert the message display : "Your request completed successfully".

      Expected result:
      It should be no code displays in the shopping protlet.

      Actual result:
      Fill in SKU with JavaScript will display code in Shopping portlet and throw NPE in the console.

      06:45:55,563 ERROR [http-bio-9080-exec-5][MinifierUtil:111] 47: 39: missing ; before statement
06:45:55,565 ERROR [http-bio-9080-exec-5][MinifierUtil:111] 47: 41: unterminated string literal
06:45:55,565 ERROR [http-bio-9080-exec-5][MinifierUtil:111] 47: 41: missing } in compound statement
06:45:55,566 ERROR [http-bio-9080-exec-5][MinifierUtil:111] 47: 41: missing } after function body
06:45:55,567 ERROR [http-bio-9080-exec-5][MinifierUtil:111] 1: 0: Compilation produced 4 syntax errors.
06:45:55,568 ERROR [http-bio-9080-exec-5][MinifierUtil:88] JavaScript Minifier failed for__// <![CDATA[___      var itemsInStock = true;____    function _34_checkout() {__             if (true) {__                   if (!itemsInStock) {__                          if (confirm("\u0059\u006f\u0075\u007
2\u0020\u0063\u0061\u0072\u0074\u0020\u0068\u0061\u0073\u0020\u0069\u0074\u0065\u006d\u0073\u0020\u0074\u0068\u0061\u0074\u0020\u0061\u0072\u0065\u0020\u006f\u0075\u0074\u0020\u006f\u0066\u0020\u0073\u0074\u006f\u0063\u006b\u002e\u0020\u0044\u006f\u0020\u0079\u006f\u0075\u0020\u0073\u0074\u0069\u006
c\u006c\u0020\u0077\u0061\u006e\u0074\u0020\u0074\u006f\u0020\u0063\u006f\u006e\u0074\u0069\u006e\u0075\u0065\u0020\u0077\u0069\u0074\u0068\u0020\u0074\u0068\u0065\u0020\u006f\u0072\u0064\u0065\u0072\u003f")) {__                                    document._34_fm._34_cmd.value = "checkout";__
                        document._34_fm._34_redirect.value = "http://localhost:9080/web/guest/home?p_auth=JTJBrfnn&p_p_id=34&p_p_lifecycle=1&p_p_state=normal&p_p_mode=view&p_p_col_id=column-1&p_p_col_count=5&_34_struts_action=%2Fshopping%2Fcheckout";__                                    _34_updateCa
rt();__                         }__                     }__                     else {__                        document._34_fm._34_cmd.value = "checkout";__                           document._34_fm._34_redirect.value = "http://localhost:9080/web/guest/home?p_auth=JTJBrfnn&p_p_id=34&p_p_lifecycle=1
&p_p_state=normal&p_p_mode=view&p_p_col_id=column-1&p_p_col_count=5&_34_struts_action=%2Fshopping%2Fcheckout";__                                _34_updateCart();__                     }__             }__             else {__                        alert("\u0059\u006f\u0075\u0072\u0020\u006f\u0072\u0
064\u0065\u0072\u0020\u0063\u0061\u006e\u006e\u006f\u0074\u0020\u0062\u0065\u0020\u0070\u0072\u006f\u0063\u0065\u0073\u0073\u0065\u0064\u0020\u0062\u0065\u0063\u0061\u0075\u0073\u0065\u0020\u0069\u0074\u0020\u0066\u0061\u006c\u006c\u0073\u0020\u0062\u0065\u006c\u006f\u0077\u0020\u0074\u0068\u0065\u0
020\u006d\u0069\u006e\u0069\u006d\u0075\u006d\u0020\u0072\u0065\u0071\u0075\u0069\u0072\u0065\u0064\u0020\u0061\u006d\u006f\u0075\u006e\u0074\u0020\u006f\u0066\u0020\u0024\u0030\u002e\u0030\u0030\u002e");__          }__     }____   function _34_emptyCart() {__            document._34_fm._34_itemIds.
value = "";__           document._34_fm._34_couponCodes.value = "";____         submitForm(document._34_fm);__  }____   function _34_updateCart() {__           var itemIds = "";__             var count = 0;__                var invalidSKUs = "";____               ____                    count = docu
ment._34_fm._34_item_11826_0_count.value;____                   if ((count == "") || isNaN(count) || (count < 0) || ((count > 0) && (0 > 0))) {__                               if (invalidSKUs != "") {__                                      invalidSKUs += ", ";__                          }____
                invalidSKUs += "<SCRIPT>ALERT("123"); [Sanitized]
06:48:31,579 ERROR [http-bio-9080-exec-1][MinifierUtil:111] 65: 39: missing ; before statement
06:48:31,580 ERROR [http-bio-9080-exec-1][MinifierUtil:111] 65: 41: unterminated string literal
06:48:31,581 ERROR [http-bio-9080-exec-1][MinifierUtil:111] 65: 41: missing } in compound statement
06:48:31,582 ERROR [http-bio-9080-exec-1][MinifierUtil:111] 65: 41: missing } after function body
06:48:31,582 ERROR [http-bio-9080-exec-1][MinifierUtil:111] 1: 0: Compilation produced 4 syntax errors.
06:48:31,583 ERROR [http-bio-9080-exec-1][MinifierUtil:88] JavaScript Minifier failed for__// <![CDATA[___      var itemsInStock = true;____    function _34_checkout() {__             if (true) {__                   if (!itemsInStock) {__                          if (confirm("\u0059\u006f\u0075\u007
2\u0020\u0063\u0061\u0072\u0074\u0020\u0068\u0061\u0073\u0020\u0069\u0074\u0065\u006d\u0073\u0020\u0074\u0068\u0061\u0074\u0020\u0061\u0072\u0065\u0020\u006f\u0075\u0074\u0020\u006f\u0066\u0020\u0073\u0074\u006f\u0063\u006b\u002e\u0020\u0044\u006f\u0020\u0079\u006f\u0075\u0020\u0073\u0074\u0069\u006
c\u006c\u0020\u0077\u0061\u006e\u0074\u0020\u0074\u006f\u0020\u0063\u006f\u006e\u0074\u0069\u006e\u0075\u0065\u0020\u0077\u0069\u0074\u0068\u0020\u0074\u0068\u0065\u0020\u006f\u0072\u0064\u0065\u0072\u003f")) {__                                    document._34_fm._34_cmd.value = "checkout";__
                        document._34_fm._34_redirect.value = "http://localhost:9080/web/guest/home?p_auth=JTJBrfnn&p_p_id=34&p_p_lifecycle=1&p_p_state=normal&p_p_mode=view&p_p_col_id=column-1&p_p_col_count=5&_34_struts_action=%2Fshopping%2Fcheckout";__                                    _34_updateCa
rt();__                         }__                     }__                     else {__                        document._34_fm._34_cmd.value = "checkout";__                           document._34_fm._34_redirect.value = "http://localhost:9080/web/guest/home?p_auth=JTJBrfnn&p_p_id=34&p_p_lifecycle=1
&p_p_state=normal&p_p_mode=view&p_p_col_id=column-1&p_p_col_count=5&_34_struts_action=%2Fshopping%2Fcheckout";__                                _34_updateCart();__                     }__             }__             else {__                        alert("\u0059\u006f\u0075\u0072\u0020\u006f\u0072\u0
064\u0065\u0072\u0020\u0063\u0061\u006e\u006e\u006f\u0074\u0020\u0062\u0065\u0020\u0070\u0072\u006f\u0063\u0065\u0073\u0073\u0065\u0064\u0020\u0062\u0065\u0063\u0061\u0075\u0073\u0065\u0020\u0069\u0074\u0020\u0066\u0061\u006c\u006c\u0073\u0020\u0062\u0065\u006c\u006f\u0077\u0020\u0074\u0068\u0065\u0
020\u006d\u0069\u006e\u0069\u006d\u0075\u006d\u0020\u0072\u0065\u0071\u0075\u0069\u0072\u0065\u0064\u0020\u0061\u006d\u006f\u0075\u006e\u0074\u0020\u006f\u0066\u0020\u0024\u0030\u002e\u0030\u0030\u002e");__          }__     }____   function _34_emptyCart() {__            document._34_fm._34_itemIds.
value = "";__           document._34_fm._34_couponCodes.value = "";____         submitForm(document._34_fm);__  }____   function _34_updateCart() {__           var itemIds = "";__             var count = 0;__                var invalidSKUs = "";____               ____                    count = docu
ment._34_fm._34_item_11835_0_count.value;____                   if ((count == "") || isNaN(count) || (count < 0) || ((count > 0) && (0 > 0))) {__                               if (invalidSKUs != "") {__                                      invalidSKUs += ", ";__                          }____
                invalidSKUs += "002";__                 }____                   for (var i = 0; i < count; i++) {__                             itemIds += "11835,";__                  }____                   count = 0;____          ____                    count = document._34_fm._34_item_11831_1_cou
nt.value;____                   if ((count == "") || isNaN(count) || (count < 0) || ((count > 0) && (0 > 0))) {__                               if (invalidSKUs != "") {__                                      invalidSKUs += ", ";__                          }____                           invalidSKUs
+= "<SCRIPT>ALERT("123"); [Sanitized]

        Attachments

        1. attachment.gif
          attachment.gif
          2.70 MB
        2. attachment.JPG
          attachment.JPG
          81 kB

          Activity

            People

            Assignee:
            he.song Serena Song (Inactive)
            Reporter:
            he.song Serena Song (Inactive)
            Participants of an Issue:
            Recent user:
            Esther Sanz
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Days since last comment:
              7 years, 50 weeks, 5 days ago

                Packages

                Version Package
                7.0.0 M3