From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)

---
 program/js/tiny_mce/plugins/emotions/js/emotions.js |   43 +++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 43 insertions(+), 0 deletions(-)

diff --git a/program/js/tiny_mce/plugins/emotions/js/emotions.js b/program/js/tiny_mce/plugins/emotions/js/emotions.js
new file mode 100644
index 0000000..b360f20
--- /dev/null
+++ b/program/js/tiny_mce/plugins/emotions/js/emotions.js
@@ -0,0 +1,43 @@
+tinyMCEPopup.requireLangPack();
+
+var EmotionsDialog = {
+	addKeyboardNavigation: function(){
+		var tableElm, cells, settings;
+			
+		cells = tinyMCEPopup.dom.select("a.emoticon_link", "emoticon_table");
+			
+		settings ={
+			root: "emoticon_table",
+			items: cells
+		};
+		cells[0].tabindex=0;
+		tinyMCEPopup.dom.addClass(cells[0], "mceFocus");
+		if (tinymce.isGecko) {
+			cells[0].focus();		
+		} else {
+			setTimeout(function(){
+				cells[0].focus();
+			}, 100);
+		}
+		tinyMCEPopup.editor.windowManager.createInstance('tinymce.ui.KeyboardNavigation', settings, tinyMCEPopup.dom);
+	}, 
+	init : function(ed) {
+		tinyMCEPopup.resizeToInnerSize();
+		this.addKeyboardNavigation();
+	},
+
+	insert : function(file, title) {
+		var ed = tinyMCEPopup.editor, dom = ed.dom;
+
+		tinyMCEPopup.execCommand('mceInsertContent', false, dom.createHTML('img', {
+			src : tinyMCEPopup.getWindowArg('plugin_url') + '/img/' + file,
+			alt : ed.getLang(title),
+			title : ed.getLang(title),
+			border : 0
+		}));
+
+		tinyMCEPopup.close();
+	}
+};
+
+tinyMCEPopup.onInit.add(EmotionsDialog.init, EmotionsDialog);

--
Gitblit v1.9.1