From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)
---
program/js/tiny_mce/plugins/table/merge_cells.htm | 22 +++++++++++-----------
1 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/program/js/tiny_mce/plugins/table/merge_cells.htm b/program/js/tiny_mce/plugins/table/merge_cells.htm
index 9736ed8..d231090 100644
--- a/program/js/tiny_mce/plugins/table/merge_cells.htm
+++ b/program/js/tiny_mce/plugins/table/merge_cells.htm
@@ -7,20 +7,20 @@
<script type="text/javascript" src="../../utils/validate.js"></script>
<script type="text/javascript" src="js/merge_cells.js"></script>
</head>
-<body style="margin: 8px">
+<body style="margin: 8px" role="application">
<form onsubmit="MergeCellsDialog.merge();return false;" action="#">
<fieldset>
<legend>{#table_dlg.merge_cells_title}</legend>
- <table border="0" cellpadding="0" cellspacing="3" width="100%">
- <tr>
- <td>{#table_dlg.cols}:</td>
- <td align="right"><input type="text" name="numcols" value="" class="number min1 mceFocus" style="width: 30px" /></td>
- </tr>
- <tr>
- <td>{#table_dlg.rows}:</td>
- <td align="right"><input type="text" name="numrows" value="" class="number min1" style="width: 30px" /></td>
- </tr>
- </table>
+ <table role="presentation" border="0" cellpadding="0" cellspacing="3" width="100%">
+ <tr>
+ <td><label for="numcols">{#table_dlg.cols}</label>:</td>
+ <td align="right"><input type="text" id="numcols" name="numcols" value="" class="number min1 mceFocus" style="width: 30px" aria-required="true" /></td>
+ </tr>
+ <tr>
+ <td><label for="numrows">{#table_dlg.rows}</label>:</td>
+ <td align="right"><input type="text" id="numrows" name="numrows" value="" class="number min1" style="width: 30px" aria-required="true" /></td>
+ </tr>
+ </table>
</fieldset>
<div class="mceActionPanel">
--
Gitblit v1.9.1