sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

xss vulnerabilities fixed

remotes/origin/stable45
Bjoern Schiessle 2012-06-22 14:11:57 +07:00
parent 033d372f98
commit e1fa9c282b
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/gallery/lib/tiles.php
Unescape Escape View File

@ -168,7 +168,7 @@ class TileStack extends TileBase {
}
public function getOnClickAction() {
return 'javascript:openNewGal(\''.$this->stack_name.'\');';
return 'javascript:openNewGal(\''.\OCP\Util::sanitizeHTML($this->stack_name).'\');';
}
private $tiles_array;

2
apps/gallery/templates/index.php
Unescape Escape View File

@ -1,6 +1,6 @@
<script type="text/javascript">
var root = "<?php echo $_['root']; ?>";
var root = "<?php echo OCP\Util::sanitizeHTML($_['root']); ?>";
$(document).ready(function() {
$("a[rel=images]").fancybox({