refactor: enhance ttMatch directive with $parse and improve modal handling for security

Author: ChaosEngine

src/IdentityManager2/Assets/Scripts/App/ttIdmUI.js

@@ -74,15 +74,17 @@
     ttFocus.$inject = [];
     app.directive("ttFocus", ttFocus);
 
-    function ttMatch($timeout) {
+    function ttMatch($timeout, $parse) {
         return {
             restrict: 'A',
             require: 'ngModel',
             link: function (scope, elem, attrs, ctrl) {
+                var matchGetter = $parse(attrs.ttMatch);
+                
                 function check() {
                     if (ctrl.$dirty) {
                         var thisVal = elem.val();
-                        var otherVal = scope.$eval(attrs.ttMatch);
+                        var otherVal = matchGetter(scope);
                         if (!thisVal || thisVal === otherVal) {
                             ctrl.$setValidity('ttMatch', true);
                         }
@@ -102,7 +104,7 @@
             }
         };
     }
-    ttMatch.$inject = ["$timeout"];
+    ttMatch.$inject = ["$timeout", "$parse"];
     app.directive("ttMatch", ttMatch);
 
     function ttPropertyEditor(PathBase){
@@ -172,9 +174,32 @@
     app.directive("ttPagerSummary", ttPagerSummary);
 
     function idmPager($sce) {
+        function escapeHtml(value) {
+            return String(value)
+                .replace(/&/g, "&")
+                .replace(/</g, "&lt;")
+                .replace(/>/g, "&gt;")
+                .replace(/\"/g, "&quot;")
+                .replace(/'/g, "&#39;");
+        }
+
+        var allowedPagerHtml = {
+            "<strong>&lt;&lt;</strong>": true,
+            "<strong>&lt;</strong>": true,
+            "<strong>&gt;</strong>": true,
+            "<strong>&gt;&gt;</strong>": true
+        };
+
+        function trustPagerText(text) {
+            if (allowedPagerHtml[text]) {
+                return $sce.trustAsHtml(text);
+            }
+            return $sce.trustAsHtml(escapeHtml(text));
+        }
+
         function Pager(result, pageSize) {
             function PagerButton(text, page, enabled, current) {
-                this.text = $sce.trustAsHtml(text + "");
+                this.text = trustPagerText(text);
                 this.page = page;
                 this.enabled = enabled;
                 this.current = current;
@@ -235,14 +260,26 @@
                 elem.on("click", function (e) {
                     if (prevent) {
                         e.preventDefault();
-                        $(attrs.ttConfirmClick).modal('show');
+                        var selector = attrs.ttConfirmClick || "";
+                        if (selector.indexOf("#") !== 0) {
+                            return;
+                        }
+                        var id = selector.substring(1);
+                        if (!/^[A-Za-z][\w\-:.]*$/.test(id)) {
+                            return;
+                        }
+                        var modalElem = document.getElementById(id);
+                        if (!modalElem) {
+                            return;
+                        }
+                        $(modalElem).modal('show');
                         if (!cb) {
                             cb = function () {
                                 $(this).off("confirm");
                                 prevent = false;
                                 elem.trigger("click");
                             };
-                            $(attrs.ttConfirmClick).on("confirm", cb);
+                            $(modalElem).on("confirm", cb);
                         }
                     }
                 });