open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

xss vulnerabilities fixed

Browse Source
remotes/origin/stable45
Bjoern Schiessle 13 years ago
parent 033d372f98
commit e1fa9c282b
2 changed files with 2 additions and 2 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      apps/gallery/lib/tiles.php
  2. 2
      apps/gallery/templates/index.php

2
apps/gallery/lib/tiles.php
Unescape View File

@ -168,7 +168,7 @@ class TileStack extends TileBase {
}
public function getOnClickAction() {
return 'javascript:openNewGal(\''.$this->stack_name.'\');';
return 'javascript:openNewGal(\''.\OCP\Util::sanitizeHTML($this->stack_name).'\');';
}
private $tiles_array;

2
apps/gallery/templates/index.php
Unescape View File

@ -1,6 +1,6 @@
<script type="text/javascript">
var root = "<?php echo $_['root']; ?>";
var root = "<?php echo OCP\Util::sanitizeHTML($_['root']); ?>";
$(document).ready(function() {
$("a[rel=images]").fancybox({

Write Preview
Loading…
Cancel
Save