Merge pull request from GHSA-4r3m-j6x5-48m3

baserproject · web-flow · commit 94cbfab74c9f · 2020-08-19T16:36:04.000+09:00
fix security/advisories/GHSA-4r3m-j6x5-48m3
diff --git a/app/webroot/theme/admin-third/Elements/admin/toolbar.php b/app/webroot/theme/admin-third/Elements/admin/toolbar.php
@@ -39,52 +39,54 @@
 <div id="ToolBar" class="bca-toolbar">
 	<div id="ToolbarInner" class="clearfix bca-toolbar__body">
 		<div class="bca-toolbar__logo">
-			<?php
-				# インストール画面
-				if ($this->name == 'Installations'): ?>
+			<?php // インストール画面 ?>
+			<?php if ($this->name == 'Installations'): ?>
 				<?php $this->BcBaser->link(
 						$this->BcBaser->getImg('admin/logo_icon.svg', ['alt' => '', 'width' => '24', 'height' => '21', 'class' => 'bca-toolbar__logo-symbol']) . 
 				        '<span class="bca-toolbar__logo-text">' . __d('baser', 'インストールマニュアル') . '</span>', 
-                        'https://basercms.net/manuals/introductions/4.html', ['target' => '_blank', 'class' => 'bca-toolbar__logo-link']) ?>
-			<?php
-				# バージョンアップ画面
-				elseif (Configure::read('BcRequest.isUpdater')): ?>
+						'https://basercms.net/manuals/introductions/4.html',
+						['target' => '_blank', 'class' => 'bca-toolbar__logo-link']
+				) ?>
+						
+			<?php // バージョンアップ画面 ?>
+			<?php elseif (Configure::read('BcRequest.isUpdater')): ?>
 				<?php $this->BcBaser->link(
 						$this->BcBaser->getImg('admin/logo_icon.svg', ['alt' => '', 'width' => '24', 'height' => '21', 'class' => 'bca-toolbar__logo-symbol']) .
 						'<span class="bca-toolbar__logo-text">' . __d('baser', 'アップデートマニュアル') . '</span>', 
-                        'https://basercms.net/manuals/introductions/8.html', ['target' => '_blank', 'class' => 'bca-toolbar__logo-link']) ?>
-			<?php
-				# 通常
-				elseif (!empty($this->request->params['admin']) || ('/' . $this->request->url) == $loginUrl): ?>
+						'https://basercms.net/manuals/introductions/8.html',
+						['target' => '_blank', 'class' => 'bca-toolbar__logo-link']
+				) ?>
+						
+			<?php // 通常管理画面 ?>
+			<?php elseif (!empty($this->request->params['admin']) || ('/' . $this->request->url) == $loginUrl): ?>
 				<?php
 					$this->BcBaser->link(
 						$this->BcBaser->getImg('admin/logo_icon.svg', ['alt' => '', 'width' => '24', 'height' => '21', 'class' => 'bca-toolbar__logo-symbol'])
-							.'<span class="bca-toolbar__logo-text">'
-							.$this->BcBaser->siteConfig['formal_name']
-							.'</span>', '/'
+							. '<span class="bca-toolbar__logo-text">'
+							. h($this->BcBaser->siteConfig['formal_name'])
+							. '</span>', '/'
 						,
 						['class' => 'bca-toolbar__logo-link']
 					)
 				?>
-			<?php
-				else: ?>
-				<?php
-					# 管理画面にアクセス可能な権限がある場合
-					if (in_array('admin', $currentUserAuthPrefixes)): ?>
+				
+			<?php // 公開画面 ?>
+			<?php else: ?>
+				<?php // 管理画面にアクセス可能な権限がある場合 ?>
+				<?php if (in_array('admin', $currentUserAuthPrefixes)): ?>
 					<?php
 					$this->BcBaser->link(
 						$this->BcBaser->getImg('admin/logo_icon.svg', ['alt' => '', 'width' => '24', 'height' => '21', 'class' => 'bca-toolbar__logo-symbol'])
-							.'<span class="bca-toolbar__logo-text">'
-							.$this->BcBaser->siteConfig['formal_name']
-							.'</span>', ['plugin' => null, 'admin' => true, 'controller' => 'dashboard', 'action' => 'index']
+							. '<span class="bca-toolbar__logo-text">'
+							. h($this->BcBaser->siteConfig['formal_name'])
+							. '</span>', ['plugin' => null, 'admin' => true, 'controller' => 'dashboard', 'action' => 'index']
 						,
 						['class' => 'bca-toolbar__logo-link']
 					)
 					?>
-				<?php
-				# 管理画面にアクセス権限がない場合
-				else: ?>
-					<?php $this->BcBaser->link($authName, Configure::read('BcAuthPrefix.' . $currentPrefix . '.loginRedirect'), ['title' => $authName]) ?>
+				<?php // 管理画面にアクセス権限がない場合 ?>
+				<?php else: ?>
+					<?php $this->BcBaser->link(h($authName), Configure::read('BcAuthPrefix.' . $currentPrefix . '.loginRedirect'), ['title' => h($authName)]) ?>
 				<?php endif ?>
 			<?php endif ?>
 		</div>
@@ -112,14 +114,16 @@
 		<div id="UserMenu" class="bca-toolbar__users">
 			<ul class="clearfix">
 				<?php
-				# TODO: お気に入りを表示（サイドメニューとのイベント処理・同期・スタイルの調整を検討中）
-				# <li>
-				# <a href="javascript:void(0)" class="title"><?php echo __d('baser', 'お気に入り') ? ><img src="/theme/admin-third/img/admin/btn_dropdown.png" width="8" height="11" class="bc-btn"></a>
-				#	<div id="FavoriteArea" hidden>
-				#		<?php $this->BcBaser->element('favorite_menu') ? >
-				#		<?php $this->BcBaser->element('permission') ? >
-				#	</div>
-				#</li>
+				/**
+				 * TODO: お気に入りを表示（サイドメニューとのイベント処理・同期・スタイルの調整を検討中）
+				 * <li>
+				 * <a href="javascript:void(0)" class="title"><?php echo __d('baser', 'お気に入り') ? ><img src="/theme/admin-third/img/admin/btn_dropdown.png" width="8" height="11" class="bc-btn"></a>
+				 * 	<div id="FavoriteArea" hidden>
+				 * 		<?php $this->BcBaser->element('favorite_menu') ? >
+				 * 		<?php $this->BcBaser->element('permission') ? >
+				 * 	</div>
+				 * </li>
+				 */
 				?>
 				<li>
 					<?php if (!empty($user)): ?>
diff --git a/lib/Baser/View/Elements/admin/toolbar.php b/lib/Baser/View/Elements/admin/toolbar.php
@@ -47,12 +47,12 @@
 				<?php elseif (Configure::read('BcRequest.isUpdater')): ?>
 					<li><?php $this->BcBaser->link(__d('baser', 'アップデートマニュアル'), 'http://wiki.basercms.net/%E3%83%90%E3%83%BC%E3%82%B8%E3%83%A7%E3%83%B3%E3%82%A2%E3%83%83%E3%83%97%E3%82%AC%E3%82%A4%E3%83%89', ['target' => '_blank', 'class' => 'tool-menu']) ?></li>
 				<?php elseif (!empty($this->request->params['admin']) || ('/' . $this->request->url) == $loginUrl): ?>	
-					<li><?php $this->BcBaser->link($this->BcBaser->siteConfig['formal_name'], '/') ?></li>
+					<li><?php $this->BcBaser->link($this->BcBaser->siteConfig['formal_name'], '/', ['escape' => true]) ?></li>
 				<?php else: ?>
 					<?php if (in_array('admin', $currentUserAuthPrefixes)): ?>
 						<li><?php $this->BcBaser->link($this->BcBaser->getImg('admin/btn_logo.png', ['alt' => __d('baser', 'baserCMS管理システム'), 'class' => 'bc-btn']), ['plugin' => null, 'admin' => true, 'controller' => 'dashboard', 'action' => 'index'], ['title' => __d('baser', 'baserCMS管理システム')]) ?></li>
 					<?php else: ?>
-						<li><?php $this->BcBaser->link($authName, Configure::read('BcAuthPrefix.' . $currentPrefix . '.loginRedirect'), ['title' => $authName]) ?></li>
+						<li><?php $this->BcBaser->link($authName, Configure::read('BcAuthPrefix.' . $currentPrefix . '.loginRedirect'), ['title' => $authName, 'escape' => ture]) ?></li>
 					<?php endif ?>
 				<?php endif ?>
 				<?php if ($this->BcBaser->existsEditLink() && !isset($this->request->query['preview'])): ?>
