Merge pull request #215 from TycheSoftwares/issue-214

handelce · web-flow · commit 49a37c4829f2 · 2023-02-01T18:16:00.000+01:00
Fix for Reflected XSS Vulnerability
diff --git a/includes/class-wcdn-writepanel.php b/includes/class-wcdn-writepanel.php
@@ -137,7 +137,7 @@ public function my_bulk_action_handler( $redirect_to, $doaction, $post_ids ) {
 				return $redirect_to;
 			}
 			// stop if the action is not of bulk printing.
-			if( ! in_array( $_REQUEST['action'], array( 'wcdn_print_invoice', 'wcdn_print_delivery-note', 'wcdn_print_receipt' ) ) ) {
+			if ( ! in_array( $_REQUEST['action'], array( 'wcdn_print_invoice', 'wcdn_print_delivery-note', 'wcdn_print_receipt' ) ) ) { // phpcs:ignore
 				return $redirect_to;
 			}
 			// only for specified actions.
@@ -207,21 +207,23 @@ public function confirm_bulk_actions() {
 			if ( $this->is_order_edit_page() ) {
 				foreach ( WCDN_Print::$template_registrations as $template_registration ) {
 					if ( isset( $_REQUEST[ 'printed_' . $template_registration['type'] ] ) ) {
+						
 						// use singular or plural form.
-						$total = isset( $_REQUEST['total'] ) ? absint( $_REQUEST['total'] ) : 0;
-						if ( $total <= 1 ) {
-							$message = $template_registration['labels']['message'];
-						} else {
-							$message = $template_registration['labels']['message_plural'];
-						}
-						?>
+						$total   = isset( $_REQUEST['total'] ) ? absint( $_REQUEST['total'] ) : 0;
+						$message = $total <= 1 ? $message = $template_registration['labels']['message'] : $template_registration['labels']['message_plural'];
 
-						<div id="woocommerce-delivery-notes-bulk-print-message" class="updated">
-							<p><?php wp_kses_post( $message, 'woocommerce-delivery-notes' ); ?>
-							<a href="<?php if ( isset( $_REQUEST['print_url'] ) ) : echo urldecode( esc_url_raw( $_REQUEST['print_url'] ) ); endif; // phpcs:ignore ?>" target="_blank" class="print-preview-button" id="woocommerce-delivery-notes-bulk-print-button"><?php esc_attr_e( 'Print now', 'woocommerce-delivery-notes' ); ?></a> <span class="print-preview-loading spinner"></span></p>
-						</div>
+						// Print URL - Fix Issue #214: Reflected XSS Vulnerability in Plugin.
+						$print_url = isset( $_REQUEST['print_url'] ) ? $_REQUEST['print_url'] : ''; // phpcs:ignore
+						$print_url = '' !== $print_url && strtolower( esc_url_raw( $print_url ) ) === strtolower( $print_url ) ? esc_url_raw( $print_url ) : '';
 
-						<?php
+						if ( '' !== $print_url ) {
+							?>
+							<div id="woocommerce-delivery-notes-bulk-print-message" class="updated">
+								<p><?php wp_kses_post( $message, 'woocommerce-delivery-notes' ); ?>
+								<a href="<?php echo $print_url; // phpcs:ignore ?>" target="_blank" class="print-preview-button" id="woocommerce-delivery-notes-bulk-print-button"><?php esc_attr_e( 'Print now', 'woocommerce-delivery-notes' ); ?></a> <span class="print-preview-loading spinner"></span></p>
+							</div>
+							<?php
+						}
 						break;
 					}
 				}
@@ -269,7 +271,4 @@ public function create_box_content() {
 		}
 
 	}
-
 }
-
-?>
