From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)

---
 program/js/tiny_mce/themes/advanced/js/about.js |   73 ++++++++++++++++++++++++++++++++++++
 1 files changed, 73 insertions(+), 0 deletions(-)

diff --git a/program/js/tiny_mce/themes/advanced/js/about.js b/program/js/tiny_mce/themes/advanced/js/about.js
new file mode 100644
index 0000000..5b35845
--- /dev/null
+++ b/program/js/tiny_mce/themes/advanced/js/about.js
@@ -0,0 +1,73 @@
+tinyMCEPopup.requireLangPack();
+
+function init() {
+	var ed, tcont;
+
+	tinyMCEPopup.resizeToInnerSize();
+	ed = tinyMCEPopup.editor;
+
+	// Give FF some time
+	window.setTimeout(insertHelpIFrame, 10);
+
+	tcont = document.getElementById('plugintablecontainer');
+	document.getElementById('plugins_tab').style.display = 'none';
+
+	var html = "";
+	html += '<table id="plugintable">';
+	html += '<thead>';
+	html += '<tr>';
+	html += '<td>' + ed.getLang('advanced_dlg.about_plugin') + '</td>';
+	html += '<td>' + ed.getLang('advanced_dlg.about_author') + '</td>';
+	html += '<td>' + ed.getLang('advanced_dlg.about_version') + '</td>';
+	html += '</tr>';
+	html += '</thead>';
+	html += '<tbody>';
+
+	tinymce.each(ed.plugins, function(p, n) {
+		var info;
+
+		if (!p.getInfo)
+			return;
+
+		html += '<tr>';
+
+		info = p.getInfo();
+
+		if (info.infourl != null && info.infourl != '')
+			html += '<td width="50%" title="' + n + '"><a href="' + info.infourl + '" target="_blank">' + info.longname + '</a></td>';
+		else
+			html += '<td width="50%" title="' + n + '">' + info.longname + '</td>';
+
+		if (info.authorurl != null && info.authorurl != '')
+			html += '<td width="35%"><a href="' + info.authorurl + '" target="_blank">' + info.author + '</a></td>';
+		else
+			html += '<td width="35%">' + info.author + '</td>';
+
+		html += '<td width="15%">' + info.version + '</td>';
+		html += '</tr>';
+
+		document.getElementById('plugins_tab').style.display = '';
+
+	});
+
+	html += '</tbody>';
+	html += '</table>';
+
+	tcont.innerHTML = html;
+
+	tinyMCEPopup.dom.get('version').innerHTML = tinymce.majorVersion + "." + tinymce.minorVersion;
+	tinyMCEPopup.dom.get('date').innerHTML = tinymce.releaseDate;
+}
+
+function insertHelpIFrame() {
+	var html;
+
+	if (tinyMCEPopup.getParam('docs_url')) {
+		html = '<iframe width="100%" height="300" src="' + tinyMCEPopup.editor.baseURI.toAbsolute(tinyMCEPopup.getParam('docs_url')) + '"></iframe>';
+		document.getElementById('iframecontainer').innerHTML = html;
+		document.getElementById('help_tab').style.display = 'block';
+		document.getElementById('help_tab').setAttribute("aria-hidden", "false");
+	}
+}
+
+tinyMCEPopup.onInit.add(init);
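Review bot: In `init()`, the plugin key `n` and the `getInfo()` fields (`infourl`, `longname`, `authorurl`, `author`, `version`) are concatenated into markup and assigned through `tcont.innerHTML` without escaping, so a value containing a quote or an angle bracket changes the dialog's DOM instead of being shown as text. The same holds for `docs_url` in `insertHelpIFrame()`, which lands unescaped inside the iframe `src` attribute. As far as the hunk shows, these values come from plugin code and editor configuration rather than request data, so this is a hardening point: encode each value before concatenation, e.g. `tinyMCEPopup.dom.encode(info.longname)`, or build the cells with DOM calls and `textContent`. Separately, the subject describes a fix to the `_session` argument of utils/save-prefs, but this hunk only adds the TinyMCE about dialog, which looks like bundled third-party code, so the actual fix should be reviewed where it lives and any change to this file is better made upstream.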

--
Gitblit v1.9.1