MAGETWO-83574: Major arbitrary JavaScript code execution in adminhtml

svitja · svitja · commit d61dceea3574 · 2018-03-14T10:38:24.000+02:00
diff --git a/app/code/Magento/Ui/view/base/web/js/form/components/html.js b/app/code/Magento/Ui/view/base/web/js/form/components/html.js
@@ -20,7 +20,10 @@ define([
             loading:        false,
             visible:        true,
             template:       'ui/content/content',
-            additionalClasses: {}
+            additionalClasses: {},
+            ignoreTmpls: {
+                content: true
+            }
         },
 
         /**
diff --git a/app/code/Magento/Ui/view/base/web/js/form/provider.js b/app/code/Magento/Ui/view/base/web/js/form/provider.js
@@ -21,6 +21,9 @@ define([
                     save: '${ $.submit_url }',
                     beforeSave: '${ $.validate_url }'
                 }
+            },
+            ignoreTmpls: {
+                data: true
             }
         },
 
diff --git a/app/code/Magento/Ui/view/base/web/js/grid/provider.js b/app/code/Magento/Ui/view/base/web/js/grid/provider.js
@@ -30,6 +30,9 @@ define([
             listens: {
                 params: 'onParamsChange',
                 requestConfig: 'updateRequestConfig'
+            },
+            ignoreTmpls: {
+                data: true
             }
         },
 

Original file line number	Diff line number	Diff line change
`@@ -30,6 +30,9 @@ define([`
`30`	`30`	`listens: {`
`31`	`31`	`params: 'onParamsChange',`
`32`	`32`	`requestConfig: 'updateRequestConfig'`
	`33`	`+ },`
	`34`	`+ ignoreTmpls: {`
	`35`	`+ data: true`
`33`	`36`	`}`
`34`	`37`	`},`
`35`	`38`