Issues in galleryfileaction.js (master) - Issues in master - interfasys/galleryplus - Measure and Improve Code Quality continuously with Scrutinizer

Issues (61)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

js/galleryfileaction.js (1 issue)

Labels

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

/* global oc_requesttoken, FileList, Gallery, SlideShow */
(function ($, OC, OCA, oc_requesttoken) {
	"use strict";
	var galleryFileAction = {
		features: [],
		mediaTypes: {},
		scrollContainer: null,
		slideShow: null,

		/**
		 * Builds a URL pointing to one of the app's controllers
		 *
		 * @param {string} endPoint
		 * @param {undefined|string} path
		 * @param {Object} params
		 *
		 * @returns {string}
		 */
		buildGalleryUrl: function (endPoint, path, params) {
			var extension = '';
			var tokenElement = $('#sharingToken');
			var token = (tokenElement.val()) ? tokenElement.val() : false;
			if (token) {
				params.token = token;
				extension = '.public';
			}
			var query = OC.buildQueryString(params);
			return OC.generateUrl('apps/galleryplus/' + endPoint + extension + path, null) + '?' +
				query;
		},

		/**
		 * Registers a file action for each media type
		 *
		 * @param {Array} mediaTypes
		 */
		register: function (mediaTypes) {
			//console.log("enabledPreviewProviders: ", mediaTypes);
			if (mediaTypes) {
				// Remove SVG if the user is using an insecure browser (IE8-9)
				if (window.galleryFileAction.features.indexOf('native_svg') > -1 && !window.btoa) {
					mediaTypes.splice(mediaTypes.indexOf('image/svg+xml'), 1);
				}
				galleryFileAction.mediaTypes = mediaTypes;
			}
			var i, mediaTypesLength = mediaTypes.length;
			// We only want to create slideshows for supported media types
			for (i = 0; i < mediaTypesLength; i++) {
				// Each click handler gets the same function and images array and
				// is responsible to load the slideshow
				OCA.Files.fileActions.register(mediaTypes[i], 'View', OC.PERMISSION_READ, '',
					galleryFileAction.onView);
				OCA.Files.fileActions.setDefault(mediaTypes[i], 'View');
			}
		},

		/**
		 * Prepares the features array
		 *
		 * This is duplicated from a method found in galleryconfig. It's done that way in order to
		 * avoid having to load the whole utility class in the Files app
		 *
		 * @param configFeatures
		 * @returns {Array}
		 */
		buildFeaturesList: function (configFeatures) {
			var features = [];
			var i, configFeaturesLength = configFeatures.length;
			if (configFeaturesLength) {
				for (i = 0; i < configFeaturesLength; i++) {
					features.push(configFeatures[i]);
				}
			}

			window.galleryFileAction.features = features;
		},

		/**
		 * Builds an array containing all the images we can show in the slideshow
		 *
		 * @param {string} filename
		 * @param {Object} context
		 */
		onView: function (filename, context) {
			var imageUrl, downloadUrl;
			var fileList = context.fileList;
			var files = fileList.files;
			var start = 0;
			var images = [];
			var dir = context.dir + '/';
			var width = Math.ceil(screen.width * window.devicePixelRatio);

			var height = Math.ceil(screen.height * window.devicePixelRatio);

			/* Find value of longest edge. */
			var longEdge = Math.max(width, height);

			/* Find the next larger image size. */
			if (longEdge % 100 !== 0) {
				longEdge = ( longEdge + 100 ) - ( longEdge % 100 );
			}

			for (var i = 0; i < files.length; i++) {
				var file = files[i];
				// We only add images to the slideshow if we think we'll be able
				// to generate previews for this media type
				if (galleryFileAction.mediaTypes.indexOf(file.mimetype) > -1) {
					/* jshint camelcase: false */
					var params = {
						width: longEdge,
						height: longEdge,
						c: file.etag,
						requesttoken: oc_requesttoken
					};
					imageUrl = galleryFileAction.buildGalleryUrl('preview', '/' + file.id, params);
					params = {
						c: file.etag,
						requesttoken: oc_requesttoken
					};
					downloadUrl =
						galleryFileAction.buildGalleryUrl('files', '/download/' + file.id, params);

					images.push({
						name: file.name,
						path: dir + file.name,
						fileId: file.id,
						mimeType: file.mimetype,
						permissions: file.permissions,
						url: imageUrl,
						downloadUrl: downloadUrl
					});
				}
			}
			for (i = 0; i < images.length; i++) {
				//console.log("Images in the slideshow : ", images[i]);
				if (images[i].name === filename) {
					start = i;
				}
			}

			if ($.isEmptyObject(galleryFileAction.slideShow)) {
				galleryFileAction.slideShow = new SlideShow();
				$.when(galleryFileAction.slideShow.init(
					false,
					null,
					window.galleryFileAction.features
				)).then(function () {
					// Don't show the download button on the "Files" slideshow
					galleryFileAction.slideShow.removeButton('.downloadImage');
					galleryFileAction._startSlideshow(images, start);
				});
			} else {
				galleryFileAction._startSlideshow(images, start);
			}
		},

		/**
		 * Launches the slideshow
		 *
		 * @param {{name:string, url: string, path: string, fallBack: string}[]} images
		 * @param {number} start
		 * @private
		 */
		_startSlideshow: function (images, start) {
			galleryFileAction.slideShow.setImages(images, false);

			var scrollTop = galleryFileAction.scrollContainer.scrollTop();
			// This is only called when the slideshow is stopped
			galleryFileAction.slideShow.onStop = function () {
				FileList.$fileList.one('updated', function () {
					galleryFileAction.scrollContainer.scrollTop(scrollTop);
				});
			};

			// Only modern browsers can manipulate history
			if (history && history.replaceState) {
				// This stores the fileslist in the history state
				var stateData = {
					dir: FileList.getCurrentDirectory()
				};
				history.replaceState(stateData, document.title, window.location);

				// This creates a new entry in history for the slideshow. It will
				// be updated as the user navigates from picture to picture
				history.pushState(null, '', '#loading');
			}

			galleryFileAction.slideShow.show(start);
		}
	};

	window.galleryFileAction = galleryFileAction;
})(jQuery, OC, OCA, oc_requesttoken);

$(document).ready(function () {
	"use strict";
	// Deactivates fileaction on public preview page
	if ($('#imgframe').length > 0) {
		return true;
	}

	if ($('html').is('.ie8')) {
		return true; //deactivate in IE8
	}

	window.galleryFileAction.scrollContainer = $('#app-content');
	if ($('#isPublic').val()) {
		window.galleryFileAction.scrollContainer = $(window);
	}

	var utility = new Gallery.Utility();
	utility.addDomPurifyHooks();

	// Retrieve the config as well as the list of supported media types.
	// The list of media files is retrieved when the user clicks on a row
	var url = window.galleryFileAction.buildGalleryUrl('config', '', {extramediatypes: 1});
	$.getJSON(url).then(function (config) {
		window.galleryFileAction.buildFeaturesList(config.features);
		window.galleryFileAction.register(config.mediatypes);
	});
});


1			/* global oc_requesttoken, FileList, Gallery, SlideShow */
2			(function ($, OC, OCA, oc_requesttoken) {
3			"use strict";
4			var galleryFileAction = {
5			features: [],
6			mediaTypes: {},
7			scrollContainer: null,
8			slideShow: null,
9
10			/**
11			* Builds a URL pointing to one of the app's controllers
12			*
13			* @param {string} endPoint
14			* @param {undefined\|string} path
15			* @param {Object} params
16			*
17			* @returns {string}
18			*/
19			buildGalleryUrl: function (endPoint, path, params) {
20			var extension = '';
21			var tokenElement = $('#sharingToken');
22			var token = (tokenElement.val()) ? tokenElement.val() : false;
23			if (token) {
24			params.token = token;
25			extension = '.public';
26			}
27			var query = OC.buildQueryString(params);
28			return OC.generateUrl('apps/galleryplus/' + endPoint + extension + path, null) + '?' +
29			query;
30			},
31
32			/**
33			* Registers a file action for each media type
34			*
35			* @param {Array} mediaTypes
36			*/
37			register: function (mediaTypes) {
38			//console.log("enabledPreviewProviders: ", mediaTypes);
39			if (mediaTypes) {
40			// Remove SVG if the user is using an insecure browser (IE8-9)
41			if (window.galleryFileAction.features.indexOf('native_svg') > -1 && !window.btoa) {
42			mediaTypes.splice(mediaTypes.indexOf('image/svg+xml'), 1);
43			}
44			galleryFileAction.mediaTypes = mediaTypes;
45			}
46			var i, mediaTypesLength = mediaTypes.length;
47			// We only want to create slideshows for supported media types
48			for (i = 0; i < mediaTypesLength; i++) {
49			// Each click handler gets the same function and images array and
50			// is responsible to load the slideshow
51			OCA.Files.fileActions.register(mediaTypes[i], 'View', OC.PERMISSION_READ, '',
52			galleryFileAction.onView);
53			OCA.Files.fileActions.setDefault(mediaTypes[i], 'View');
54			}
55			},
56
57			/**
58			* Prepares the features array
59			*
60			* This is duplicated from a method found in galleryconfig. It's done that way in order to
61			* avoid having to load the whole utility class in the Files app
62			*
63			* @param configFeatures
64			* @returns {Array}
65			*/
66			buildFeaturesList: function (configFeatures) {
67			var features = [];
68			var i, configFeaturesLength = configFeatures.length;
69			if (configFeaturesLength) {
70			for (i = 0; i < configFeaturesLength; i++) {
71			features.push(configFeatures[i]);
72			}
73			}
74
75			window.galleryFileAction.features = features;
76			},
77
78			/**
79			* Builds an array containing all the images we can show in the slideshow
80			*
81			* @param {string} filename
82			* @param {Object} context
83			*/
84			onView: function (filename, context) {
85			var imageUrl, downloadUrl;
86			var fileList = context.fileList;
87			var files = fileList.files;
88			var start = 0;
89			var images = [];
90			var dir = context.dir + '/';
91			var width = Math.ceil(screen.width * window.devicePixelRatio);
			0 ignored issues – show Bug introduced 2016-06-18 15:30 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `screen` seems to be never declared. If this is a global, consider adding a `/** global: screen */` comment. This checks looks for references to variables that have not been declared. This is most likey a typographical error or a variable has been renamed. To learn more about declaring variables in Javascript, see the MDN. Loading history...
92			var height = Math.ceil(screen.height * window.devicePixelRatio);
93
94			/* Find value of longest edge. */
95			var longEdge = Math.max(width, height);
96
97			/* Find the next larger image size. */
98			if (longEdge % 100 !== 0) {
99			longEdge = ( longEdge + 100 ) - ( longEdge % 100 );
100			}
101
102			for (var i = 0; i < files.length; i++) {
103			var file = files[i];
104			// We only add images to the slideshow if we think we'll be able
105			// to generate previews for this media type
106			if (galleryFileAction.mediaTypes.indexOf(file.mimetype) > -1) {
107			/* jshint camelcase: false */
108			var params = {
109			width: longEdge,
110			height: longEdge,
111			c: file.etag,
112			requesttoken: oc_requesttoken
113			};
114			imageUrl = galleryFileAction.buildGalleryUrl('preview', '/' + file.id, params);
115			params = {
116			c: file.etag,
117			requesttoken: oc_requesttoken
118			};
119			downloadUrl =
120			galleryFileAction.buildGalleryUrl('files', '/download/' + file.id, params);
121
122			images.push({
123			name: file.name,
124			path: dir + file.name,
125			fileId: file.id,
126			mimeType: file.mimetype,
127			permissions: file.permissions,
128			url: imageUrl,
129			downloadUrl: downloadUrl
130			});
131			}
132			}
133			for (i = 0; i < images.length; i++) {
134			//console.log("Images in the slideshow : ", images[i]);
135			if (images[i].name === filename) {
136			start = i;
137			}
138			}
139
140			if ($.isEmptyObject(galleryFileAction.slideShow)) {
141			galleryFileAction.slideShow = new SlideShow();
142			$.when(galleryFileAction.slideShow.init(
143			false,
144			null,
145			window.galleryFileAction.features
146			)).then(function () {
147			// Don't show the download button on the "Files" slideshow
148			galleryFileAction.slideShow.removeButton('.downloadImage');
149			galleryFileAction._startSlideshow(images, start);
150			});
151			} else {
152			galleryFileAction._startSlideshow(images, start);
153			}
154			},
155
156			/**
157			* Launches the slideshow
158			*
159			* @param {{name:string, url: string, path: string, fallBack: string}[]} images
160			* @param {number} start
161			* @private
162			*/
163			_startSlideshow: function (images, start) {
164			galleryFileAction.slideShow.setImages(images, false);
165
166			var scrollTop = galleryFileAction.scrollContainer.scrollTop();
167			// This is only called when the slideshow is stopped
168			galleryFileAction.slideShow.onStop = function () {
169			FileList.$fileList.one('updated', function () {
170			galleryFileAction.scrollContainer.scrollTop(scrollTop);
171			});
172			};
173
174			// Only modern browsers can manipulate history
175			if (history && history.replaceState) {
176			// This stores the fileslist in the history state
177			var stateData = {
178			dir: FileList.getCurrentDirectory()
179			};
180			history.replaceState(stateData, document.title, window.location);
181
182			// This creates a new entry in history for the slideshow. It will
183			// be updated as the user navigates from picture to picture
184			history.pushState(null, '', '#loading');
185			}
186
187			galleryFileAction.slideShow.show(start);
188			}
189			};
190
191			window.galleryFileAction = galleryFileAction;
192			})(jQuery, OC, OCA, oc_requesttoken);
193
194			$(document).ready(function () {
195			"use strict";
196			// Deactivates fileaction on public preview page
197			if ($('#imgframe').length > 0) {
198			return true;
199			}
200
201			if ($('html').is('.ie8')) {
202			return true; //deactivate in IE8
203			}
204
205			window.galleryFileAction.scrollContainer = $('#app-content');
206			if ($('#isPublic').val()) {
207			window.galleryFileAction.scrollContainer = $(window);
208			}
209
210			var utility = new Gallery.Utility();
211			utility.addDomPurifyHooks();
212
213			// Retrieve the config as well as the list of supported media types.
214			// The list of media files is retrieved when the user clicks on a row
215			var url = window.galleryFileAction.buildGalleryUrl('config', '', {extramediatypes: 1});
216			$.getJSON(url).then(function (config) {
217			window.galleryFileAction.buildFeaturesList(config.features);
218			window.galleryFileAction.register(config.mediatypes);
219			});
220			});
221

interfasys / galleryplus

Issues (61)

Security Analysis not enabled

js/galleryfileaction.js (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like