From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)

---
 program/js/tiny_mce/plugins/xhtmlxtras/js/cite.js |   28 ++++++++++++++++++++++++++++
 1 files changed, 28 insertions(+), 0 deletions(-)

diff --git a/program/js/tiny_mce/plugins/xhtmlxtras/js/cite.js b/program/js/tiny_mce/plugins/xhtmlxtras/js/cite.js
new file mode 100644
index 0000000..009b715
--- /dev/null
+++ b/program/js/tiny_mce/plugins/xhtmlxtras/js/cite.js
@@ -0,0 +1,28 @@
+/**
+ * cite.js
+ *
+ * Copyright 2009, Moxiecode Systems AB
+ * Released under LGPL License.
+ *
+ * License: http://tinymce.moxiecode.com/license
+ * Contributing: http://tinymce.moxiecode.com/contributing
+ */
+
+function init() {
+	SXE.initElementDialog('cite');
+	if (SXE.currentAction == "update") {
+		SXE.showRemoveButton();
+	}
+}
+
+function insertCite() {
+	SXE.insertElement('cite');
+	tinyMCEPopup.close();
+}
+
+function removeCite() {
+	SXE.removeElement('cite');
+	tinyMCEPopup.close();
+}
+
+tinyMCEPopup.onInit.add(init);

--
Gitblit v1.9.1