From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)

---
 program/js/tiny_mce/plugins/autosave/editor_plugin_src.js |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/program/js/tiny_mce/plugins/autosave/editor_plugin_src.js b/program/js/tiny_mce/plugins/autosave/editor_plugin_src.js
index 8311483..8b308f5 100644
--- a/program/js/tiny_mce/plugins/autosave/editor_plugin_src.js
+++ b/program/js/tiny_mce/plugins/autosave/editor_plugin_src.js
@@ -136,8 +136,10 @@
 
 					// Auto save contents each interval time
 					setInterval(function() {
-						self.storeDraft();
-						ed.nodeChanged();
+						if (!ed.removed) {
+							self.storeDraft();
+							ed.nodeChanged();
+						}
 					}, settings.autosave_interval);
 				}
 			});

--
Gitblit v1.9.1