From 82c31160abca5e00a3f986012dc883583e5ff190 Mon Sep 17 00:00:00 2001
From: Brian Warner <warner@lothar.com>
Date: Fri, 25 May 2012 15:58:02 -0700
Subject: [PATCH] validate hash-delivered email addresses

This moves the assignment of params.email from the primary-controlled
URL hash (#CREATE_EMAIL= and #ADD_EMAIL=) into the verification block,
and adds bid.verifyEmail() to check them. Closes bug 758449.
---
 resources/static/dialog/controllers/dialog.js | 31 +++++++++++--------
 1 file changed, 18 insertions(+), 13 deletions(-)

diff --git a/resources/static/dialog/controllers/dialog.js b/resources/static/dialog/controllers/dialog.js
index 1a3372d72..8e5b8f1cd 100644
--- a/resources/static/dialog/controllers/dialog.js
+++ b/resources/static/dialog/controllers/dialog.js
@@ -167,6 +167,24 @@ BrowserID.Modules.Dialog = (function() {
           params.tosURL = fixupURL(origin_url, paramsFromRP.termsOfService);
           params.privacyURL = fixupURL(origin_url, paramsFromRP.privacyPolicy);
         }
+
+        if (hash.indexOf("#CREATE_EMAIL=") === 0) {
+          var email = hash.replace(/#CREATE_EMAIL=/, "");
+          if (!bid.verifyEmail(email))
+            throw "invalid #CREATE_EMAIL= (" + email + ")";
+          params.type = "primary";
+          params.email = email;
+          params.add = false;
+        }
+        else if (hash.indexOf("#ADD_EMAIL=") === 0) {
+          var email = hash.replace(/#ADD_EMAIL=/, "");
+          if (!bid.verifyEmail(email))
+            throw "invalid #ADD_EMAIL= (" + email + ")";
+          params.type = "primary";
+          params.email = email;
+          params.add = true;
+        }
+
       } catch(e) {
         // note: renderError accepts HTML and cheerfully injects it into a
         // frame with a powerful origin. So convert 'e' first.
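Review bot: The two new `throw` statements (the `#CREATE_EMAIL=` and `#ADD_EMAIL=` branches) put the rejected value, which comes straight from the URL hash and has just failed `bid.verifyEmail()`, into the exception text. The comment in the `catch` block says `renderError` injects HTML into a frame with a powerful origin, so this is only safe if the conversion of `e` that follows fully escapes it. That conversion is outside this hunk and should be confirmed. It would be more robust not to echo the value at all, e.g. `throw "invalid #CREATE_EMAIL= address";` and `throw "invalid #ADD_EMAIL= address";`. Separately, `var email` is declared twice in the same function scope and the two branches differ only in the prefix and `params.add`, so a single helper taking the prefix and the flag would keep the validation in one place.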
@@ -184,19 +202,6 @@ BrowserID.Modules.Dialog = (function() {
       // XXX Perhaps put this into the state machine.
       self.bind(win, "unload", onWindowUnload);
 
-      if(hash.indexOf("#CREATE_EMAIL=") === 0) {
-        var email = hash.replace(/#CREATE_EMAIL=/, "");
-        params.type = "primary";
-        params.email = email;
-        params.add = false;
-      }
-      else if(hash.indexOf("#ADD_EMAIL=") === 0) {
-        var email = hash.replace(/#ADD_EMAIL=/, "");
-        params.type = "primary";
-        params.email = email;
-        params.add = true;
-      }
-
       self.publish("start", params);
     }
 
-- 
GitLab