XSS protection
authorJamie Cameron <jcameron@webmin.com>
Thu, 14 Feb 2008 23:42:29 +0000 (23:42 +0000)
committerJamie Cameron <jcameron@webmin.com>
Thu, 14 Feb 2008 23:42:29 +0000 (23:42 +0000)
group_chooser.cgi
user_chooser.cgi

index 3f5ce0e..3cab9d2 100755 (executable)
@@ -2,6 +2,7 @@
 # group_chooser.cgi
 # This CGI generated the HTML for choosing a group or list of groups.
 
+$trust_unknown_referers = 1;
 require './web-lib.pl';
 &init_config();
 &ReadParse(undef, undef, 2);
@@ -25,7 +26,8 @@ if ($in{'multi'}) {
                print "sel = new Array($len);\n";
                print "selr = new Array($len);\n";
                for($i=0; $i<$len; $i++) {
-                       print "sel[$i] = \"$ul[$i]\";\n";
+                       print "sel[$i] = \"".
+                             &quote_escape($ul[$i], '"')."\";\n";
                        @ginfo = getgrnam($ul[$i]);
                        if (@ginfo) {
                                @mems = &unique( split(/ /, $ginfo[3]),
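Review bot: The new escaping on the `sel[$i]` line targets an HTML attribute context, but the sink is a JavaScript string literal inside a script block, so it only partly closes the hole. If quote_escape merely maps `"` to an HTML entity, as its name suggests (its body is not in this diff), then a trailing backslash in `$ul[$i]` still turns the closing `\"` into an escaped quote and lets the string run into the next statement, and a `</script>` sequence still terminates the block; neither is addressed. A JS-context escape is the safer choice here, e.g. `(my $js = $ul[$i]) =~ s/([\\"])/\\$1/g;` followed by `$js =~ s{</}{<\\/}g;` and `print "sel[$i] = \"$js\";\n";`, and the same applies to the identical lines in user_chooser.cgi. Since `$trust_unknown_referers = 1` presumably lets this CGI be loaded without the usual referer check, the script's output must stay safe for any caller, which makes complete escaping of every interpolated value more important than before.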
index e84dc3b..b0fde48 100755 (executable)
@@ -2,6 +2,7 @@
 # user_chooser.cgi
 # This CGI generated the HTML for choosing a user or list of users.
 
+$trust_unknown_referers = 1;
 require './web-lib.pl';
 &init_config();
 &ReadParse(undef, undef, 2);
@@ -18,7 +19,8 @@ if ($in{'multi'}) {
                print "sel = new Array($len);\n";
                print "selr = new Array($len);\n";
                for($i=0; $i<$len; $i++) {
-                       print "sel[$i] = \"$ul[$i]\";\n";
+                       print "sel[$i] = \"".
+                             &quote_escape($ul[$i], '"')."\";\n";
                        @uinfo = getpwnam($ul[$i]);
                        if (@uinfo) { print "selr[$i] = \"$uinfo[6]\";\n"; }
                        else { print "selr[$i] = \"???\";\n"; }
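Review bot: The `selr[$i]` line still interpolates `$uinfo[6]` (the GECOS field returned by getpwnam) into a JavaScript string with no escaping, while the line above now escapes `$ul[$i]`. That field is typically editable by the account owner and can contain `"` or a backslash, so the same breakout this commit fixes for the user name remains possible through the full name; it should get at least the same treatment, `print "selr[$i] = \"".&quote_escape($uinfo[6], '"')."\";\n";`. The surrounding if/loop bodies start before this hunk, so any other values printed into the script block there are not visible for review.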