add more htmlspecialchars

debian/changelog

@@ -1,3 +1,9 @@
+securityonion-web-page (20141015-0ubuntu0securityonion38) trusty; urgency=medium
+
+  * add more htmlspecialchars 
+
+ -- Doug Burks <doug.burks@gmail.com>  Mon, 19 Oct 2015 15:24:55 -0400
+
 securityonion-web-page (20141015-0ubuntu0securityonion37) trusty; urgency=medium
 
   * securityonion-web-page: move SSH Logins query to Host Logs category #810 

debian/patches/add-more-htmlspecialchars

@@ -0,0 +1,55 @@
+Description: <short summary of the patch>
+ TODO: Put a short summary on the line above and replace this paragraph
+ with a longer explanation of this change. Complete the meta-information
+ with other relevant fields (see below for details). To make it easier, the
+ information below has been extracted from the changelog. Adjust it or drop
+ it.
+ .
+ securityonion-web-page (20141015-0ubuntu0securityonion38) trusty; urgency=medium
+ .
+   * add more htmlspecialchars
+Author: Doug Burks <doug.burks@gmail.com>
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: <vendor|upstream|other>, <url of original patch>
+Bug: <url in upstream bugtracker>
+Bug-Debian: http://bugs.debian.org/<bugnumber>
+Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber>
+Forwarded: <no|not-needed|url proving that it has been forwarded>
+Reviewed-By: <name and email of someone who approved the patch>
+Last-Update: <YYYY-MM-DD>
+
+--- securityonion-web-page-20141015.orig/elsa/index.php
++++ securityonion-web-page-20141015/elsa/index.php
+@@ -3,7 +3,7 @@
+ <title>ELSA</title>
+ <FRAMESET cols="15%,85%">
+    <FRAME name="fixed" src="menu.php">
+-   <FRAME name="dynamic" src="https://<?php echo $_SERVER['HTTP_HOST']; ?>:3154">
++   <FRAME name="dynamic" src="https://<?php echo htmlspecialchars("{$_SERVER['HTTP_HOST']}"); ?>:3154">
+ </FRAMESET>
+ </head>
+ </body>
+--- securityonion-web-page-20141015.orig/elsa/local.php.empty
++++ securityonion-web-page-20141015/elsa/local.php.empty
+@@ -5,4 +5,4 @@ The query links above can be used as a s
+ <i>/var/www/elsa/menu.php</i><br>
+ <br>
+ Here's a sample query link to get you started:<br>
+-<a href="https://<?php echo $_SERVER['HTTP_HOST']; ?>:3154/?query_string=class=BRO_CONN &quot;-&quot; groupby:resp_country_code" target="dynamic" onclick="turnBackBold (this);">Conn Groupby Country</a><br>
++<a href="https://<?php echo htmlspecialchars("{$_SERVER['HTTP_HOST']}"); ?>:3154/?query_string=class=BRO_CONN &quot;-&quot; groupby:resp_country_code" target="dynamic" onclick="turnBackBold (this);">Conn Groupby Country</a><br>
+--- securityonion-web-page-20141015.orig/index.php
++++ securityonion-web-page-20141015/index.php
+@@ -22,7 +22,7 @@ Please follow the <a href="https://githu
+ Links to quickly access your local Squert, ELSA, and Xplico instances:<br>
+ * <a href="/squert/">Squert</a>: View NIDS/HIDS alerts and HTTP logs<br>
+ * <a href="/elsa/">ELSA</a>: Search logs (IDS, Bro, and syslog)<br>
+-* <a href="https://<?php echo $_SERVER['HTTP_HOST']; ?>:9876">Xplico</a>: Carve PCAP files (please note that <a href="https://github.com/Security-Onion-Solutions/security-onion/wiki/Firewall">port 9876 is not open to the outside world by default</a>)<br>
++* <a href="https://<?php echo htmlspecialchars("{$_SERVER['HTTP_HOST']}"); ?>:9876">Xplico</a>: Carve PCAP files (please note that <a href="https://github.com/Security-Onion-Solutions/security-onion/wiki/Firewall">port 9876 is not open to the outside world by default</a>)<br>
+ <br>
+ <b>Useful Links</b><br>
+ Links to useful Security Onion information:<br>

debian/patches/series

@@ -24,3 +24,4 @@ remove-snorby
 remove-12.04
 Issue-824:-securityonion-web-page:-htmlspecialchars
 securityonion-web-page:-move-SSH-Logins-query-to-Host-Logs-category-#810
+add-more-htmlspecialchars

elsa/index.php

@@ -3,7 +3,7 @@
 <title>ELSA</title>
 <FRAMESET cols="15%,85%">
    <FRAME name="fixed" src="menu.php">
-   <FRAME name="dynamic" src="https://<?php echo $_SERVER['HTTP_HOST']; ?>:3154">
+   <FRAME name="dynamic" src="https://<?php echo htmlspecialchars("{$_SERVER['HTTP_HOST']}"); ?>:3154">
 </FRAMESET>
 </head>
 </body>

elsa/local.php.empty

@@ -5,4 +5,4 @@ The query links above can be used as a starting point and are stored in:<br>
 <i>/var/www/elsa/menu.php</i><br>
 <br>
 Here's a sample query link to get you started:<br>
-<a href="https://<?php echo $_SERVER['HTTP_HOST']; ?>:3154/?query_string=class=BRO_CONN &quot;-&quot; groupby:resp_country_code" target="dynamic" onclick="turnBackBold (this);">Conn Groupby Country</a><br>
+<a href="https://<?php echo htmlspecialchars("{$_SERVER['HTTP_HOST']}"); ?>:3154/?query_string=class=BRO_CONN &quot;-&quot; groupby:resp_country_code" target="dynamic" onclick="turnBackBold (this);">Conn Groupby Country</a><br>

index.php

@@ -22,7 +22,7 @@
 Links to quickly access your local Squert, ELSA, and Xplico instances:<br>
 * <a href="/squert/">Squert</a>: View NIDS/HIDS alerts and HTTP logs<br>
 * <a href="/elsa/">ELSA</a>: Search logs (IDS, Bro, and syslog)<br>
-* <a href="https://<?php echo $_SERVER['HTTP_HOST']; ?>:9876">Xplico</a>: Carve PCAP files (please note that <a href="https://github.com/Security-Onion-Solutions/security-onion/wiki/Firewall">port 9876 is not open to the outside world by default</a>)<br>
+* <a href="https://<?php echo htmlspecialchars("{$_SERVER['HTTP_HOST']}"); ?>:9876">Xplico</a>: Carve PCAP files (please note that <a href="https://github.com/Security-Onion-Solutions/security-onion/wiki/Firewall">port 9876 is not open to the outside world by default</a>)<br>
 <br>
 <b>Useful Links</b><br>
 Links to useful Security Onion information:<br>