MC-10871: [Sec] XSS Injection in HTML Code Content Type

davemacaulay · davemacaulay · commit c4de4a1050b4 · 2019-02-04T15:45:44.000+01:00
- Reset DOM document instance on afterFilter call
diff --git a/app/code/Magento/PageBuilder/Plugin/Filter/TemplatePlugin.php b/app/code/Magento/PageBuilder/Plugin/Filter/TemplatePlugin.php
@@ -52,6 +52,8 @@ public function __construct(
      */
     public function afterFilter(\Magento\Framework\Filter\Template $subject, string $result) : string
     {
+        $this->domDocument = false;
+
         // Validate if the filtered result requires background image processing
         if (strpos($result, self::DATA_BACKGROUND_IMAGE) !== false) {
             $document = $this->getDomDocument($result);

Original file line number	Diff line number	Diff line change
`@@ -52,6 +52,8 @@ public function __construct(`
`52`	`52`	`*/`
`53`	`53`	`public function afterFilter(\Magento\Framework\Filter\Template $subject, string $result) : string`
`54`	`54`	`{`
	`55`	`+ $this->domDocument = false;`
	`56`	`+`
`55`	`57`	`// Validate if the filtered result requires background image processing`
`56`	`58`	`if (strpos($result, self::DATA_BACKGROUND_IMAGE) !== false) {`
`57`	`59`	`$document = $this->getDomDocument($result);`