Opened 3 years ago

Last modified 2 years ago

#14946 new enhancement

Only enforce oEmbed whitelisting for dangerous types

Reported by: markjaquith
Owned by:
Priority: normal
Milestone: Future Release
Component: General
Version: 3.0.1
Severity: normal
Keywords: needs-patch dev-feedback
Cc:

Description

Of the four oEmbed response types, only two (video and rich) are potentially dangerous. We should be able to allow all photo and link responses, without a whitelist.

Change History (3)

I'm not sure that we can consider photo responses safe, in the sense that we use the value of the url parameter as the source for an image element.

In the past there have been security exploits (such as the GDI exploit) that used image files to trick clients into executing code.

Even the best-case scenario allows the remote server to set and read cookies.
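An added example, not code from this ticket or from WordPress, that makes the proposal and the counter-argument above concrete: it parses an oEmbed response according to its type, works out which hosts a visitor's browser would fetch from once the response is rendered, and compares the proposed "gate only video and rich" rule with a whitelist applied to every fetched host. The whitelist, the provider hosts and the sample response are constructed for the demonstration.

```python
import json
import re
from urllib.parse import urlparse
# Required fields per oEmbed 1.0 response type; "link" carries neither url
# nor html, so rendering it fetches nothing from a third party.
REQUIRED = {"photo": ("url", "width", "height"), "video": ("html", "width", "height"),
            "rich": ("html", "width", "height"), "link": ()}
HTML_TYPES = {"video", "rich"}   # payload is raw HTML that the site injects verbatim
WHITELIST = {"www.youtube.com", "www.flickr.com"}  # constructed, not WordPress's list
SRC_RE = re.compile(r'\bsrc\s*=\s*["\']([^"\']+)', re.I)

def host_of(url):
    """Lowercased host of an absolute http(s) URL, or None for anything else."""
    p = urlparse(url)
    return p.hostname.lower() if p.scheme in ("http", "https") and p.hostname else None

def parse_oembed(raw):
    """Parse a JSON oEmbed response and enforce the per-type required fields."""
    resp = json.loads(raw)
    kind = resp.get("type")
    if kind not in REQUIRED:
        raise ValueError("unknown oEmbed type: %r" % (kind,))
    missing = [f for f in REQUIRED[kind] if f not in resp]
    if missing:
        raise ValueError("%s response missing %s" % (kind, missing))
    if kind == "photo" and host_of(resp["url"]) is None:
        raise ValueError("photo url must be an absolute http(s) URL")
    return resp

def embed_hosts(resp):
    """Hosts the visitor's browser contacts once the response is rendered."""
    if resp["type"] == "photo":
        return {host_of(resp["url"])}                   # url becomes <img src=...>
    if resp["type"] in HTML_TYPES:
        return {host_of(u) for u in SRC_RE.findall(resp["html"])} - {None}
    return set()                                        # link: nothing fetched

def allowed_proposed(resp, provider_host):
    """Ticket proposal: only video and rich are gated by the provider whitelist."""
    return resp["type"] not in HTML_TYPES or provider_host in WHITELIST

def allowed_whitelist(resp, provider_host):
    """Whitelist for all types: the provider and every fetched host must be listed."""
    return provider_host in WHITELIST and embed_hosts(resp) <= WHITELIST

# Constructed sample: a photo response from an unlisted provider whose url points
# at a third host; the proposal embeds it, the whitelist policy does not.
PHOTO = parse_oembed('{"version":"1.0","type":"photo","width":1,"height":1,'
                     '"url":"https://tracker.example/pixel.gif"}')
```

Running `allowed_proposed(PHOTO, "unlisted.example")` returns True while `allowed_whitelist` returns False, which is exactly the gap the counter-argument describes: the photo type still makes every visitor's browser request a URL chosen by the responding server.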

comment:2   jane   3 years ago

  • Keywords needs-patch dev-feedback added

@ryan, @westi, @azaozz, can you weigh in here? If this is going to get in, it needs a patch asap to beat freeze. @filosofo's counter-argument sounds reasonable, though.

comment:3   jane   2 years ago

  • Milestone changed from 3.1 to Future Release

No patch, and we're entering beta. Punting.
