v0.13.5

Prepare changelog for v0.13.5
v0.13.5
2018-02-09 12:43:45 +00:00 · 2018-02-09 12:43:45 +00:00 · 2018-02-09 12:38:23 +00:00 · 2018-02-09 12:36:19 +00:00 · 2018-02-09 12:20:31 +00:00
4 changed files with 16 additions and 4 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,10 @@
+Changes in [0.13.5](https://github.com/vector-im/riot-web/releases/tag/v0.13.5) (2018-02-09)
+============================================================================================
+[Full Changelog](https://github.com/vector-im/riot-web/compare/v0.13.4...v0.13.5)
+
+ * SECURITY UPDATE: Sanitise URLs from 'external_url'. Thanks to walle303 for contacting
+   us about this vulnerability.
+
 Changes in [0.13.4](https://github.com/vector-im/riot-web/releases/tag/v0.13.4) (2018-01-03)
 ============================================================================================
 [Full Changelog](https://github.com/vector-im/riot-web/compare/v0.13.3...v0.13.4)
--- a/electron_app/package.json
+++ b/electron_app/package.json
@@ -2,7 +2,7 @@
  "name": "riot-web",
  "productName": "Riot",
  "main": "src/electron-main.js",
-  "version": "0.13.4",
+  "version": "0.13.5",
  "description": "A feature-rich client for Matrix.org",
  "author": "Vector Creations Ltd.",
  "dependencies": {
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
  "name": "riot-web",
  "productName": "Riot",
  "main": "electron_app/src/electron-main.js",
-  "version": "0.13.4",
+  "version": "0.13.5",
  "description": "A feature-rich client for Matrix.org",
  "author": "Vector Creations Ltd.",
  "repository": {
@@ -69,7 +69,7 @@
    "highlight.js": "^9.0.0",
    "linkifyjs": "^2.1.3",
    "matrix-js-sdk": "0.9.2",
-    "matrix-react-sdk": "0.11.3",
+    "matrix-react-sdk": "0.11.4",
    "modernizr": "^3.1.0",
    "pako": "^1.0.5",
    "prop-types": "^15.5.10",
--- a/src/components/views/context_menus/MessageContextMenu.js
+++ b/src/components/views/context_menus/MessageContextMenu.js
@@ -1,5 +1,6 @@
 /*
 Copyright 2015, 2016 OpenMarket Ltd
+Copyright 2018 New Vector Ltd

 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -25,6 +26,7 @@ import { _t } from 'matrix-react-sdk/lib/languageHandler';
 const Modal = require('matrix-react-sdk/lib/Modal');
 const Resend = require("matrix-react-sdk/lib/Resend");
 import * as UserSettingsStore from 'matrix-react-sdk/lib/UserSettingsStore';
+import { isUrlPermitted } from 'matrix-react-sdk/lib/HtmlUtils';

 module.exports = React.createClass({
    displayName: 'MessageContextMenu',
@@ -275,7 +277,10 @@ module.exports = React.createClass({
        }

        // Bridges can provide a 'external_url' to link back to the source.
-        if( typeof(this.props.mxEvent.event.content.external_url) === "string") {
+        if(
+            typeof(this.props.mxEvent.event.content.external_url) === "string" &&
+            isUrlPermitted(this.props.mxEvent.event.content.external_url)
+        ) {
          externalURLButton = (
              <div className="mx_MessageContextMenu_field">
                  <a href={ this.props.mxEvent.event.content.external_url }
Author	SHA1	Message	Date
David Baker	9e614a54da	v0.13.5	2018-02-09 12:43:45 +00:00
David Baker	30087e5c73	Prepare changelog for v0.13.5	2018-02-09 12:43:45 +00:00
David Baker	1d222e3507	v0.13.5	2018-02-09 12:38:23 +00:00
David Baker	b20dea58c6	Bump react-sdk version	2018-02-09 12:36:19 +00:00
David Baker	62e90ceb0d	Sanity check URLs with isUrlPermitted Thanks to walle303 for letting us know these weren't being checked.	2018-02-09 12:20:31 +00:00