Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-10-01 00:27:38 +02:00
Code Issues Projects Releases Wiki Activity

Update/Install: Reject invalid messages in the Shiny Updates postMessage handler.

Browse Source 
This prevents conflicts with third-party messages (e.g. sent by browser extensions). The updates script expects a specific JSON-encoded message and now bails early if it's not valid JSON.

Fixes #37125.
Built from https://develop.svn.wordpress.org/trunk@37976


git-svn-id: http://core.svn.wordpress.org/trunk@37917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Pascal Birchler 2016-07-05 16:16:28 +00:00
parent a728528542
commit 685cce51d2
3 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
wp-admin/js/updates.js
View File

@ -2144,7 +2144,11 @@
return;
}
message = $.parseJSON( originalEvent.data );
try {
message = $.parseJSON( originalEvent.data );
} catch ( e ) {
return;
}
if ( 'undefined' === typeof message.action ) {
return;

2
wp-admin/js/updates.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.6-beta1-37975';
$wp_version = '4.6-beta1-37976';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.