From 92d0af3a93ed807f711862830bc4ead3d84a0752 Mon Sep 17 00:00:00 2001
From: Amauri CHAMPEAUX
Date: Thu, 30 Jul 2020 09:49:32 +0200
Subject: [PATCH] Fix a Self-XSS vulnerability
Big thanks to Nicolas (nicolas.decayeux@intrinsec.com)
---
 .DS_Store | Bin 8196 -> 8196 bytes
 tarteaucitron.js | 10 +++++++---
 2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/.DS_Store b/.DS_Store
index 57bff57c2efb5a3e5ec30de3995d83b4e59788f0..fb105094337a8f92d69ae61155d00c15bc4c6873 100644
GIT binary patch
delta 51
zcmZp1XmQvuUud#`V2g-}k&c3)nR%^_LbaiViLs7?g`v^p6@sRlbA@NIY-W@A&a(NR
H2s<+XjQS65
delta 77
zcmZp1XmQvuUx@M4WI@3OEy?O?V>1gK1tUX~S{;RILjzM29R+h!)7n~24slgOThD~t
h%Bt#`+PYbjcL~Zf&fc6UJeOrNyTmt^&3{DLnE{xo7;XRn
diff --git a/tarteaucitron.js b/tarteaucitron.js
index 6acfabb..9fa93c7 100644
--- a/tarteaucitron.js
+++ b/tarteaucitron.js
@@ -17,7 +17,7 @@ var scripts = document.getElementsByTagName('script'),
 var tarteaucitron = {
- "version": 20200521,
+ "version": 20200730,
 "cdn": cdn,
 "user": {},
 "lang": {},
@@ -1362,9 +1362,9 @@ var tarteaucitron = {
 html += '';
@@ -1394,6 +1394,10 @@ var tarteaucitron = {
 }
 }
 },
+ "fixSelfXSS": function(html) {
+ fixed = html.toString().replace(/&/g, "&").replace(//g, ">").replace(/"/g, """).replace(/'/g, "'");
+ return fixed;
+ },
 "getLanguage": function () {
 "use strict";
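Review bot: `fixed` is assigned without a declaration on the first body line of the new `fixSelfXSS`, so it either leaks into the global scope or, if the file runs under strict mode, throws a ReferenceError the first time the helper is called; declare it with `var fixed = html.toString()...` or simply `return` the replace chain and drop the temporary. The other methods in this object open with `"use strict";` (see `getLanguage` in the same hunk), so the new method should do the same for consistency, which would also turn the undeclared assignment into a visible error rather than a silent global. The replacement strings as rendered in this copy (`"&"`, `">"`, `"""`) appear to have lost their entity text in extraction, so the escaping chain itself cannot be verified here; the one property that is visible and correct is that `&` is handled before the other characters. The helper is also worth a short header comment stating its contract, e.g. `// Escape &, <, >, " and ' so a string can be inserted as HTML text or inside a quoted attribute; not sufficient for URL or event-handler attribute values.` The call sites that use it (the hunk at -1362) are not readable in this copy.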