From 7b37cedaf6c303a5304ee61ae4c147a0281cdeff Mon Sep 17 00:00:00 2001
From: iliajie <gpg@ilia.engineer>
Date: Thu, 18 May 2023 21:38:22 +0300
Subject: [PATCH] Fix to filter possible JavaScript in PDF files
 https://github.com/webmin/webmin/issues/1907#issuecomment-1552117601

---
 updown/fetch.cgi | 2 +-
 web-lib-funcs.pl | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/updown/fetch.cgi b/updown/fetch.cgi
index 71d830a62..88dd60d0d 100755
--- a/updown/fetch.cgi
+++ b/updown/fetch.cgi
@@ -84,7 +84,7 @@ if ($ENV{'PATH_INFO'}) {
 		print "Content-length: $st[7]\n";
 		print "X-Content-Type-Options: nosniff\n";
 		print "Content-type: $type\n\n";
-		my $dtype = $type =~ /html|xml/i;
+		my $dtype = $type =~ /html|xml|pdf/i;
 		my $bsize =
 		    $dtype ? $st[7] : &get_buffer_size_binary();
 		while(read(FILE, $buffer, $bsize)) {
diff --git a/web-lib-funcs.pl b/web-lib-funcs.pl
index d6f0a56a5..6855412fa 100755
--- a/web-lib-funcs.pl
+++ b/web-lib-funcs.pl
@@ -9274,6 +9274,8 @@ $rv =~ s/(on(Abort|BeforeUnload|Blur|Change|Click|ContextMenu|Copy|Cut|DblClick|
 $rv =~ s/(javascript(:|&colon;|&#58;|&#x3A;))/x$1/gi;
 $rv =~ s/(vbscript(:|&colon;|&#58;|&#x3A;))/x$1/gi;
 $rv =~ s/<([^>]*\s|)(on\S+=)(.*)>/<$1x$2$3>/gi;
+$rv =~ s/([\n]*)<<[\n((?:.*?|\n)*?)][\w\s\/]+[\n((?:.*?|\n)*?)][\w\s\/]+JavaScript[\w\s\/]*[\n((?:.*?|\n)*?)][\w\s\/]+\s.*?>>[\n]*/$1/gmsi;
+$rv =~ s/<<.*?JavaScript.*?>>([\n]+|[\s]*)//gi;
 return $rv;
 }